Add "create" link template to User entity type annotation, to allow POSTing to /user instead of /entity/user

Here's the interdiff from #2293697-177: EntityResource POST routes all use the confusing default: use entity types' https://www.drupal.org/link-relations/create link template if available, but reversed. That should provide a great starting point for this patch.

#2293697: EntityResource POST routes all use the confusing default: use entity types' https://www.drupal.org/link-relations/create link template if available is in! This is now unblocked :)

#2 didn't apply anymore; rebased.

From #2293697-168: EntityResource POST routes all use the confusing default: use entity types' https://www.drupal.org/link-relations/create link template if available:

An alternative could be to not block this on #2822190: PathValidator validates based on a RequestContext leaked from the current request, resulting in false negatives during CLI requests and POST submissions and just modify ContactSitewideTest. This is the line that's causing a failure:

    $this->updateContactForm($id, $label = $this->randomMachineName(16), $recipients_str = implode(',', array($recipients[0], $recipients[1])), $reply = $this->randomMachineName(30), FALSE, 'Your message has been sent.', '/user');

Specifically, the /user parameter at the end. That's filling out a "contact form" config entity configuration form to set the redirect path to be /user. This then causes problems because […]

Since #2822190: PathValidator validates based on a RequestContext leaked from the current request, resulting in false negatives during CLI requests and POST submissions has landed (but gained a follow-up: #2852107: PathValidator::getUrlIfValid() does not support non-HTML/non-GET routes), we should be able to remove the changes to ContactSitewideTest.

Turns out that Symfony has deprecated setting

requirements:
  _method: [GET]

You actually need to do this now:

methods: [GET]

Fixing that makes tests pass :)

Per #8, closed #2852107: #2852107-4: PathValidator::getUrlIfValid() does not support non-HTML/non-GET routes.

Yes, so:

+++ b/core/modules/user/user.routing.yml
@@ -116,6 +116,7 @@ user.page:
   defaults:
     _controller: '\Drupal\user\Controller\UserController::userPage'
     _title: 'My account'
+  methods: [GET]
   requirements:
     _user_is_logged_in: 'TRUE'

this is unacceptable, because there may be a method="post" form on this page, which then won't work due to this change.

This is because our rendering + routing system are intertangled.

Yep. We've been needing that for years.

This is the issue for that.

Updated IS title + summary.

#16 is asking great questions.

Hm. What exactly is special about /user?

It exists always and accepts POST requests. Then when you make a POST request when you're not logged in, it redirects to somewhere else, which causes the HTTP client to repeat its POST request, at which point multiple routes match, some match is selected, and you get a very unexpected and quite illogical 200 response.
See the details at #2293697-150: EntityResource POST routes all use the confusing default: use entity types' https://www.drupal.org/link-relations/create link template if available + #2293697-157: EntityResource POST routes all use the confusing default: use entity types' https://www.drupal.org/link-relations/create link template if available + later.

/node also exists in the form of the default frontpage view that uses that path. So if you create the same contact form and configure it to point to /node, then you get the same probem? Or any other path?

No, see above.

I think a key question here is Is the benefit worth our time?

In other words: how important is it that we make this work in the nice way? So then the question becomes: is it common to create User entities?

To which I think the answer is: quite uncommon. So let's "won't fix" this.