PR approved by non code owner

Hi,
I am doing some tests in order to move my team to git and GitHub
We are testing the code owners and pull request mechanism and I’ve encountered a problem:
I have 2 users in the repository, User1 (myself) that has Admin rights and User2 that is Write rights
I have set up the code owners as such:
* User1

I have branch protection in place that require 1 approval by code owner, and I excluded administrators
That means I can merge my own PR without the need for approval - that works fine
My problem is that User2, despite not being an Admin or code owner, can approve the PR.

Is there a way to make sure that users that are not admin or codeowners will not be able to approve PRs?

Thanks.

But if User2 is a collaborator then the “excluded administrators” rule doesn’t apply to User2. The terms “administrators” is a bit generic, but from my understanding in the context of branch rules it means really any collaborator with access right. Also, if you’re part of a GitHub Team, these rules and terms might have slightly different meanings.

From what I understand, you need to disable the “excluded administrators” rule in order to obtain what you want.

The problem with this rules is that once it’s enforced than no one will be able to change any file in the repository except User1, so I don’t think User2 would be able to create any PR at all.

But if User2 is a collaborator then the “excluded administrators” rule doesn’t apply to User2. The terms “administrators” is a bit generic, but from my understanding in the context of branch rules it means really any collaborator with access right. Also, if you’re part of a GitHub Team, these rules and terms might have slightly different meanings.
From what I understand, you need to disable the “excluded administrators” rule in order to obtain what you want.

The “exclude administrators” (in fact it’s just that I did not mark the “include administrators”) mean that User1, as Admin does not require approval and can merge their own PR immediately
User2, as non-Admin, cannot merge their own PR without first someone approving it
This is working as expected.

My concern is that when I will have multiple users that are non-Admins they will be able to approve other non-Admin’s PRs

I’m not quite sure what “admin user” means in this context, especially in respect to “repository owner” vs “collaborator”. Unfortunately the repository WebUI doesn’t seem to provide any info about the actual collaborators and their access rights in relation to rules, permissions, etc. — it would be really great to have an immediate visual feedback on how these settings apply to members of a Team, repository collaborators, etc.,