Safeguarding against UnblockUser::execute()'s method unblocking the anonymous user

Thanks @WimLeers, that sounds even better. Something along these lines then?

Test added.

Fixing different things, the main attempt is at hopefully improving the following points:

1. Making isAnonymous() stricter in that a NULL uid (e.g. for newly created unsaved User entities) will not return TRUE
2. Switch from using isAnonymous() as a condition for detecting the 'register' condition for the AccountForm to isNew(). That was discussed here [2854252#95] and is mostly related to this quote from alexpott:
   

   So the code we're changing is super weird because why does a user you're in the process of creating return TRUE for $items->getEntity()->isAnonymous() - but this is not the fault of this patch. I think isNew() would be a better check here. Let's open a follow-up for that.

   which I agree with.

All in all, this seems to be more important than not, I have the feeling there are a couple of important things that need attention here, maybe even breaking this down in smaller issues. Gonna bump this to major precautionary.

And the patches of course.

PHPCS fixes

Added a Change Record as per #19.
Will have a look at the failing tests now.

This one is up for a review again, the change record is in place, although a draft that could use some eyes on.
The points in the MR have all been addressed.

The reason I replaced \Drupal\Core\Session\AccountInterface with \Drupal\user\UserInterface is because it was causing a breakage in that Unit test class due to the following change:

diff --git a/core/modules/user/src/UserAccessControlHandler.php b/core/modules/user/src/UserAccessControlHandler.php
index a231d5214d..46b97cfa2e 100644
--- a/core/modules/user/src/UserAccessControlHandler.php
+++ b/core/modules/user/src/UserAccessControlHandler.php
@@ -101,7 +101,7 @@ protected function checkFieldAccess($operation, FieldDefinitionInterface $field_
       case 'name':
         // Allow view access to anyone with access to the entity.
         // The username field is editable during the registration process.
-        if ($operation == 'view' || ($items && $items->getEntity()->isAnonymous())) {
+        if ($operation == 'view' || ($items && $items->getEntity()->isNew())) {
           return AccessResult::allowed()->cachePerPermissions();
         }
         // Allow edit access for the own user name if the permission is

That change is however crucial to this issue and also makes sense in that class since it is an access control handler specific to the user entity type. And that type has a isNew() method.

The Unit test class however that is testing that handler has been using so far a \Drupal\Core\Session\AccountInterface mock that does not have an isNew() method (which causes the breakage) but most importantly makes less sense to use for testing the access control handler for the user entity type instead of the \Drupal\user\UserInterface itself.

So, all in all, that change is not disruptive, but the Unit test needed an adjustment IMHO.