
When a user is not allowed to update Directus_users the fields should be readonly #16731

Closed
Pachat opened this issue Dec 6, 2022 · 2 comments · Fixed by #18871
Comments


Pachat commented Dec 6, 2022

Describe the bug

In the case where a user has the right to read other users but is only allowed to update his own profile, the fields of the other users' profiles should be read-only.

Reproduce

  1. The administrator gives a regular user the right to see all users,
     and the right to update only his own profile: {"_and":[{"id":{"_eq":"$CURRENT_USER"}}]}
  2. Give the right to modify at least the Last Name.
  3. Log in as the regular user. Click on a profile other than his own.

Errors displayed

  1. The Last Name is not read-only. The regular user can edit the profile of others.
  2. It is only on saving that he gets the unauthorized error message.

The user should not be allowed to edit the Last Name of others at all.

What version of Directus are you using?

9.21.0

What version of Node.js are you using?

16.14.0

What database are you using?

PostgreSQL 15

What browser are you using?

Edge and Firefox

How do you deploy Directus?

locally and on VPS
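As an added illustration (not Directus's own code), the check below applies an update permission shaped like the one in the report to a record on the client and derives per-field read-only state before the user can type anything, so the unauthorized error never has to be the first signal. The permission object shape, the `$CURRENT_USER` resolution, the field name `last_name` and the sample records are assumptions.

```javascript
// Added example, not Directus code. Assumed permission shape:
// { action, fields: [...], permissions: <filter> }, with "$CURRENT_USER"
// resolved from a context object { currentUserId }.
const CURRENT_USER = "$CURRENT_USER";

// Resolve dynamic variables in a filter operand.
function resolveValue(value, ctx) {
  return value === CURRENT_USER ? ctx.currentUserId : value;
}

// Minimal filter evaluator for _and, _or, _eq and _neq.
// An empty filter matches every row; unknown operators fail closed.
function matches(filter, record, ctx) {
  if (!filter || Object.keys(filter).length === 0) return true;
  return Object.entries(filter).every(([key, val]) => {
    if (key === "_and") return val.every((f) => matches(f, record, ctx));
    if (key === "_or") return val.some((f) => matches(f, record, ctx));
    // key is a field name; val is { _eq: x } / { _neq: x } or a bare value (shorthand for _eq)
    const [op, operand] =
      val !== null && typeof val === "object" ? Object.entries(val)[0] : ["_eq", val];
    const actual = record[key];
    const expected = resolveValue(operand, ctx);
    if (op === "_eq") return actual === expected;
    if (op === "_neq") return actual !== expected;
    return false; // unsupported operator: deny
  });
}

// A field is editable only if some update permission both covers the field
// and matches the record; otherwise the UI should render it read-only.
function isFieldEditable(permissions, record, field, ctx) {
  return permissions.some(
    (p) =>
      p.action === "update" &&
      (p.fields.includes("*") || p.fields.includes(field)) &&
      matches(p.permissions, record, ctx)
  );
}

// Constructed sample: the rule from the report, limited to last_name.
const PERMISSIONS = [
  { action: "update", fields: ["last_name"],
    permissions: { _and: [{ id: { _eq: "$CURRENT_USER" } }] } },
];
const ctx = { currentUserId: "user-a" };
const ownProfile = { id: "user-a", last_name: "A" };
const otherProfile = { id: "user-b", last_name: "B" };
```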

rijkvanzanten (Member) commented

Linear: ENG-117


Pachat commented Mar 3, 2023

From a UI/UX perspective, when the user starts editing the field and only gets an error message on save, it appears to be a bug.
He shouldn't have been able to edit in the first place.
