Change: restrict altering and creation of superusers to superusers only (#8837)

src-ui/src/app/components/common/edit-dialog/user-edit-dialog/user-edit-dialog.component.spec.ts

@@ -160,4 +160,23 @@ describe('UserEditDialogComponent', () => {
     })
     expect(component.currentUserIsSuperUser).toBeTruthy()
   })
+
+  it('should disable superuser option if current user is not superuser', () => {
+    const control: AbstractControl = component.objectForm.get('is_superuser')
+    permissionsService.initialize([], {
+      id: 99,
+      username: 'user99',
+      is_superuser: false,
+    })
+    component.ngOnInit()
+    expect(control.disabled).toBeTruthy()
+
+    permissionsService.initialize([], {
+      id: 99,
+      username: 'user99',
+      is_superuser: true,
+    })
+    component.ngOnInit()
+    expect(control.disabled).toBeFalsy()
+  })
 })

src-ui/src/app/components/common/edit-dialog/user-edit-dialog/user-edit-dialog.component.ts

@@ -60,6 +60,11 @@ export class UserEditDialogComponent
   ngOnInit(): void {
     super.ngOnInit()
     this.onToggleSuperUser()
+    if (!this.currentUserIsSuperUser) {
+      this.objectForm.get('is_superuser').disable()
+    } else {
+      this.objectForm.get('is_superuser').enable()
+    }
   }
 
   getCreateTitle() {