For the solution to your question, In the register_post_type arguments, use the capability_type parameter & then grant the specific capabilities to the users. For instance, if you set 'capability_type' => 'supplier', grant the edit_supplier capability to all administrators only
More Details
capabilities takes an array of the capabilities in the format 'edit_post' => 'edit_supplier'
This basically means that wherever the core code was using edit_post capability previously, now it will use edit_supplier (You’ll have to grant edit_supplier capability to all the users yourself including the administrators, wordpress doesn’t do that for you)
if you didn’t provide the capabilities array & map_meta_cap is true, then wordpress will generate the default capabilities array from the capability_type value provided, like this
[edit_post] => "edit_{$capability_type}"
[read_post] => "read_{$capability_type}"
[delete_post] => "delete_{$capability_type}"
[edit_posts] => "edit_{$capability_type}s"
[edit_others_posts] => "edit_others_{$capability_type}s"
[publish_posts] => "publish_{$capability_type}s"
[read_private_posts] => "read_private_{$capability_type}s"
[delete_posts] => "delete_{$capability_type}s"
[delete_private_posts] => "delete_private_{$capability_type}s"
[delete_published_posts] => "delete_published_{$capability_type}s"
[delete_others_posts] => "delete_others_{$capability_type}s"
[edit_private_posts] => "edit_private_{$capability_type}s"
[edit_published_posts] => "edit_published_{$capability_type}s"
where {$capability_type} is the value you provided. If map_meta_cap is false, wordpress will ignore the capability_type parameter completely (or say consider it to be ‘post’ & then use map_meta_cap)