Software design

Additional role, whitelist or blacklist?

For example, give access to send messages or log in to the site.
In the case of roles , there will be quite a lot of them, but what's the difference, since the connection is User - Role and only, then at least when. ROLE_CAN_AUTH, for example, is one of the default ones, just add 1 entry to the array.
Blacklist I mean ban. If the user is in the ban table, then he cannot log in. But since there can be many types of bans, like entering, sending a message, and so on.
The whitelist is the same principle as the blacklist, if the user is on the list, allow login, send a message, enter the admin area.
I thought to use different principles, for example, to enter the Whitelist admin panel by ID + create a ban type and the connection User - Ban - Ban Type to check the entrance to the site, send a message and role to check the user type and nothing more.

• A role is a user type and nothing more. Admin, moderator, etc.
  
• Ban blacklist of user actions to which he had access and was selected, as a result, for example, spam.
  
• Whitelist, very rare cases, for example, 2 admins and only one should have the right, for example, to confirm to approve a post for publication.
  

Do I understand the difference between these 3 features correctly, or are they essentially all roles and the blacklist and whitelist are just an additional overhead?