As part of the effort to reduce the pre-auth surface area of the MongoDB Server, we should change auth::getPrivilegesForAggregate() to require AuthorizationSession::isAuthenticated() == true when auth is enabled. This will help ensure future memory errors and other vulnerabilities in aggregation stages and expressions cannot be as readily exploited.