Bug #19612 (closed)
CVE-2017-7505: User scoped in organization with permissions for user management can manage administrators that are not assigned to any organization
Description
It has been found that a user with *_users permissions who is assigned to some
organization(s) can perform all operations granted by these permissions on all
administrator user objects. We consider an admin to effectively be present in
all organizations, which was the motivation for displaying them in every context.
On one hand, this makes sense from a technical point of view. On the other hand,
it is unexpected, and a user who is only supposed to have access to his/her own
organizations can edit global admin accounts, including changing their
passwords.
The problem seems to be present since Foreman 1.5 [1], where nesting of
organizations was introduced [2]. The fix seems to be straightforward: add
admin ids to the set only if User.current.admin? in the Taxonomix module [3].
[1] http://projects.theforeman.org/issues/3912
[2] https://github.com/theforeman/foreman/commit/1fa008a4#diff-501156756cdcbc510254e30f9e2a29daR40
[3] https://github.com/theforeman/foreman/blob/develop/app/models/concerns/taxonomix.rb#L85
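The scoping logic the report describes, reduced to plain Ruby as an added illustration (this is not Foreman's code; the User struct, the sample users and the visible_user_ids_* and can_manage? helpers are assumptions made for the example). It shows the two computations side by side: the pre-fix set that always folds admin ids into an organization-scoped user's view, and the corrected set that only does so when the current user is itself an admin.

```ruby
# Added example, not Foreman's Taxonomix concern: a minimal in-memory model of
# organization-scoped visibility for user objects. All names below are
# hypothetical and the user records are constructed sample data.

User = Struct.new(:id, :login, :admin, :organization_ids, keyword_init: true)

# Constructed sample data: one global admin with no organization, two users in
# organization 10 and one user in organization 20.
USERS = [
  User.new(id: 1, login: "superadmin",  admin: true,  organization_ids: []),
  User.new(id: 2, login: "org_manager", admin: false, organization_ids: [10]),
  User.new(id: 3, login: "org_member",  admin: false, organization_ids: [10]),
  User.new(id: 4, login: "other_org",   admin: false, organization_ids: [20]),
].freeze

# Ids of users that share at least one organization with current_user.
def org_scoped_ids(current_user, users = USERS)
  users
    .select { |u| (u.organization_ids & current_user.organization_ids).any? }
    .map(&:id)
end

# Pre-fix behaviour: admins are treated as present in every organization, so
# their ids are unconditionally added to the scoped set. An organization-scoped
# user with edit_users therefore sees (and can edit) global admin accounts.
def visible_user_ids_vulnerable(current_user, users = USERS)
  admin_ids = users.select(&:admin).map(&:id)
  (org_scoped_ids(current_user, users) + admin_ids).uniq.sort
end

# Fixed behaviour: admin ids join the set only when the current user is admin,
# matching the change suggested in the report.
def visible_user_ids_fixed(current_user, users = USERS)
  ids = org_scoped_ids(current_user, users)
  ids += users.select(&:admin).map(&:id) if current_user.admin
  ids.uniq.sort
end

# The authorization check an edit/password-change action should apply before
# touching a target user: the target must fall inside the caller's scoped set.
def can_manage?(current_user, target_id, users = USERS)
  visible_user_ids_fixed(current_user, users).include?(target_id)
end

if __FILE__ == $PROGRAM_NAME
  manager = USERS[1]
  puts "vulnerable scope for #{manager.login}: #{visible_user_ids_vulnerable(manager).inspect}"
  puts "fixed scope for #{manager.login}:      #{visible_user_ids_fixed(manager).inspect}"
  puts "manager can manage superadmin? #{can_manage?(manager, 1)}"
end
```

Running the block prints the organization manager's scoped set with and without the fix; in the vulnerable variant the global admin's id appears in the set of a user who belongs only to organization 10, which is exactly the exposure the CVE describes.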