Implement SUPER_ADMIN permission checks in user management

- Added validation to ensure that only existing SUPER_ADMIN users can grant or modify SUPER_ADMIN permissions.
- Updated the user management page to reflect that both SUPER_ADMIN and COMPANY_ADMIN can access the user permissions, while COMPANY_ADMIN cannot grant SUPER_ADMIN rights.
- Enhanced the user authorization modal to prevent COMPANY_ADMIN from changing SUPER_ADMIN permissions, ensuring proper access control.

These changes improve the security and integrity of user role management within the application.

backend-node/src/controllers/adminController.ts

@@ -2696,6 +2696,35 @@ export const saveUser = async (req: AuthenticatedRequest, res: Response) => {
         });
         return;
       }
+
+      // SUPER_ADMIN 권한 부여는 최고관리자만 가능
+      const requestUser = req.user;
+      const isRequesterSuperAdmin = requestUser?.companyCode === "*" && requestUser?.userType === "SUPER_ADMIN";
+
+      if (userData.userType.trim() === "SUPER_ADMIN" && !isRequesterSuperAdmin) {
+        res.status(403).json({
+          success: false,
+          message: "최고 관리자 권한은 최고 관리자만 부여할 수 있습니다.",
+          error: { code: "FORBIDDEN_SUPER_ADMIN_GRANT" },
+        });
+        return;
+      }
+
+      // 기존 SUPER_ADMIN 사용자의 권한은 최고관리자만 변경 가능
+      if (isUpdate && !isRequesterSuperAdmin) {
+        const targetUser = await queryOne<{ user_type: string }>(
+          `SELECT user_type FROM user_info WHERE user_id = $1`,
+          [userData.userId?.trim()]
+        );
+        if (targetUser?.user_type === "SUPER_ADMIN") {
+          res.status(403).json({
+            success: false,
+            message: "최고 관리자의 권한은 다른 최고 관리자만 변경할 수 있습니다.",
+            error: { code: "FORBIDDEN_SUPER_ADMIN_MODIFY" },
+          });
+          return;
+        }
+      }
     }
 
     // 4. 비밀번호 최소 길이 검증 (신규 등록 시)