[Strapi role hierarchy] Restrict the ability to create new users with the SuperAdmin role for users of a custom role

Maby you could use RBAC for this but super users could change that so I guess your solution would have to be a custom middleware on both the admin and the api