📜 Description

manager is able to assign super admin permissions through permission groups

👟 Reproduction steps

1.Create a permission group (for example:newgrp) having superadmin permission using the superadmin access.
2. Now give permission to a user as manager in devtron apps of a particular project.
3. Now SSO login using that user.
4. Now assign that already existing permission group(newgrp) to any non-superadmin user, now that non-superadmin user will have the access capabilities of superadmin.

👍 Expected behavior

Not able to make superadmin

👎 Actual Behavior

Able to make superadmin

☸ Kubernetes version

.

Cloud provider

🌍 Browser

Chrome

🧱 Your Environment

No response

✅ Proposed Solution

.

👀 Have you spent some time to check if this issue has been raised before?

• I checked and didn't find any similar issue

🏢 Have you read the Code of Conduct?

• I have read the Code of Conduct

AB#9637