Some commands (including listCollections and listIndexes) forward the logical session id sent by the client. The client's logical session id will not include the information for the logged in user – the user information is collected from the operationContext on a mongos/mongod. If a command forwards the logical session id to a mongod without attaching the user information, the mongod will infer the system user instead of the logged in user.
This ticket will backport a section of
SERVER-35323. With this section, the ShardingTaskExecutor will verify that the user information is included in any commands sent with a logical session id. The ShardingTaskExecutor will emplace the user information onto the command object if needed.