USER -> Dont let user manage 'superuser' boolean

[submarcos]

• superuser should be used only in backend
• There is big problem here, a user with permission to add user can create superusers, so they can elevate privileges from 1 to all permssions (superusers have ALL permissions)