system user lifecycle

The system user lifecycle is a little clunky. In a real org system users come and go, and are usually also regular users. Once you create a system user with the same email address as a regular user, they are joined at the hip for ever. Ideally, admin would just be a role in your system rather than a whole separate user identity you patch on the backend. From a UX point of view, we should be able to add an admin role to a regular user, and later remove that admin role. Right now, if i try to uncheck admin, it requires me to have at least one admin role specified, and i can only mark the user inactive (which is not intuitive). You also lack the concept of a superadmin - admin users can disable each other - yes, there is an audit trail, but there really should be a superadmin who is able to administer admins, with admins only being able to perform the actions they are granted by the superadmin. I understand this is likely an architectural refactor, but it would make the system better and more secure.