Working on ACL (access control lists) for multiple users for an e-commerce application

Hello folks, I am working on an e-commerce kind of application which has users who can act as vendors and users who would be buyers. Now I would like to have a functionality wherein if the user is a customer or buyer he sees a different dashboard altogether with only his personal info and transaction details. Whereas when a vendor logs in he would see all his services listed on the dashboard.

Now my dilemma is how do I differentiate the user and create ACL at the backend,for example a user who subscribes to a service becomes a vendor and have a flag in DB to check it, while a non-subscribed user becomes regular user.

I store all of them(users) in a single table and distinguish based on subscription or should I have different tables entirely for both vendor and users?

Are there any examples of such ACL's for reference?