Authorization checks happen in https://github.com/10gen/mongo/blob/86a11c7674731b59104647934ea1b345dbbb0341/src/mongo/db/auth/authorization_checks.cpp#L362-L377 and rely on the LiteParsedDocument source representation of a pipeline stage to determine which privileges are applicable to the query execution.

Currently, extension stages only register a default LiteParsedDocumentSource, which does not accurately describe the stages.

The pertinent calls for authorization checks are LiteParsedDocumentSource::
isInitialSource() and LiteParsedDocumentSource::requiredPrivileges().

In this project:

Because this piece of code is reliant on a non-parsed document source, we can't rely on the behaviours of a post-desugared Desugar stage (i.e $vectorSearch->$pluginSearch + $_internalSearchLookupId).

One solution, is to implement a new type of LiteParsedDocumentSource, perhaps LiteParsedDocumentSourceExtension.

Unfortunately, the current interface for LiteParsedDocumentSource: : parse() returns a single std::unique_ptr<LiteParsedDocumentSource>, so it won't be possible to have the LiteParsed extension source desugar at parse time into its constituent parts.

Instead, LiteParsedDocumentSourceExtension will have to keep a pointer to the static descriptor, and we will have to introduce a property on the static descriptor to indicate whether or not this stage requires privileges on the main collection namespace.