Issue #3331947 by idebr, Lendude, xjm: Accountform is missing an entity field...

Issue #3331947 by idebr, Lendude, xjm: Accountform is missing an entity field access check for 'mail'

core/modules/user/src/AccountForm.php

@@ -99,6 +99,7 @@ public function form(array $form, FormStateInterface $form_state) {
       '#description' => $this->t('The email address is not made public. It will only be used if you need to be contacted about your account or for opted-in notifications.'),
       '#required' => !(!$account->getEmail() && $user->hasPermission('administer users')),
       '#default_value' => (!$register ? $account->getEmail() : ''),
+      '#access' => $account->mail->access('edit'),
     ];
 
     // Only show name field on registration form or user can change own username.

core/modules/user/tests/modules/user_access_test/user_access_test.module

@@ -56,5 +56,11 @@ function user_access_test_entity_field_access($operation, FieldDefinitionInterfa
     }
   }
 
+  if (\Drupal::state()->get('user_access_test_forbid_mail_edit', FALSE)) {
+    if ($operation === 'edit' && $items && $items->getEntity()->getEntityTypeId() === 'user' && $field_definition->getName() === 'mail') {
+      return AccessResult::forbidden();
+    }
+  }
+
   return AccessResult::neutral();
 }

core/modules/user/tests/src/Functional/UserEditTest.php

@@ -245,4 +245,16 @@ public function testUserChangeSiteLanguage() {
     $this->assertSession()->statusCodeEquals(200);
   }
 
+  /**
+   * Tests the account form implements entity field access for mail.
+   */
+  public function testUserMailFieldAccess() {
+    \Drupal::state()->set('user_access_test_forbid_mail_edit', TRUE);
+    \Drupal::service('module_installer')->install(['user_access_test']);
+    $user = $this->drupalCreateUser();
+    $this->drupalLogin($user);
+    $this->drupalGet("user/" . $user->id() . "/edit");
+    $this->assertFalse($this->getSession()->getPage()->hasField('mail'));
+  }
+
 }