
Group admins can skip reservation approval #849

@lucs7


Describe the bug

Users that are group admins for a group and part of that group can skip approval due to AdminExcludedRule logic

To Reproduce

  1. Add "user" and "admin" group
  2. Make the admin group a "Group admin"
  3. Set "admin" group as group Administrator
  4. Add user to both groups
  5. Try to book device with approval required

Expected behavior

Reservation should still require approval by resource admin

Current behavior

User skips approval as AdminExcludedRule returns true for
$user->IsAdminFor($reservationUser)

Additional context

  • LibreBooking version: 98b72b4
  • Solution might be to split AdminExcludedRule into different cases
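
A simplified model of the bypass described in this issue, added here as an illustration; it is not LibreBooking code. Apart from `IsAdminFor`, every name (the group constants, `appAdmin`, `skipsApprovalReported`, `skipsApprovalSplit`) and the choice of which cases still skip approval after the split are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed model of the reproduction steps; all names except IsAdminFor are hypothetical.
const GROUP_USER = 1;
const GROUP_ADMIN = 2;
const GROUP_RESOURCE_ADMIN = 3;
// group id => ids of the groups it administers ("admin" administers "user")
const GROUP_ADMIN_OF = [GROUP_ADMIN => [GROUP_USER]];

final class User
{
    /** @param int[] $groups ids of the groups this user belongs to */
    public function __construct(public array $groups, public bool $appAdmin = false) {}

    // Group-admin relation: one of my groups administers one of $other's groups.
    public function IsAdminFor(User $other): bool
    {
        foreach ($this->groups as $g) {
            if (array_intersect(GROUP_ADMIN_OF[$g] ?? [], $other->groups) !== []) {
                return true;
            }
        }
        return false;
    }
}

// Behaviour reported in the issue: any admin relation to the reservation owner skips approval.
function skipsApprovalReported(User $booker, User $owner): bool
{
    return $booker->appAdmin || $booker->IsAdminFor($owner);
}

// One possible split (assumption): being group admin over the owner no longer counts;
// only an application admin or a member of the resource's admin group skips approval.
function skipsApprovalSplit(User $booker, ?int $resourceAdminGroup): bool
{
    return $booker->appAdmin
        || ($resourceAdminGroup !== null && in_array($resourceAdminGroup, $booker->groups, true));
}

$user = new User([GROUP_USER, GROUP_ADMIN]);  // step 4: member of both groups
$resourceAdmin = new User([GROUP_RESOURCE_ADMIN]);

// The user is "admin for" themselves, so the reported check lets the booking through.
var_dump(skipsApprovalReported($user, $user));
// With the split check the same booking still needs approval; the resource admin's does not.
var_dump(skipsApprovalSplit($user, GROUP_RESOURCE_ADMIN));
var_dump(skipsApprovalSplit($resourceAdmin, GROUP_RESOURCE_ADMIN));
```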

Labels: bug
