User form access fixes

The motivation for this change it to allow for a "sub-admin" - a user without 'administer users' permissions that nevertheless has access to update some other users' account. That case only occurs with modules hooks and has no impact in pure Drupal core.

Translators please note that the permission 'select account cancellation method' English language title has changed from 'Select method for cancelling own account' to 'Select method for cancelling account'. This reflects that fact that this permission is now also checked in the case of a sub-admin cancelling another user account.

The user create/edit/cancel forms have been fixed to remove hard-coded checks on the 'administer users' permission:

1. The 'mail', 'name', 'status' fields are now shown dependent on a field access check.
2. The permission for the "Add user" page now correctly checks the entity create access.
3. Sub-admins now see administrative behavior such as "skip the account cancellation confirmation mail (by default)".
4. When the sub-admin creates an account, Drupal now correctly displays an admin message (instead of logging in as the new user).

These fixes should benefit almost all sites using user access hooks, except some very unusual cases where there a workarounds. For example, in the unlikely event that a site has granted field access using a hook, yet does not want to display the corresponding field on the user form, then this field can be blocked using hook_form_user_form_alter.