Ensure the collMod command can be run with a security token and with $tenant. The command itself should already thread the tenantId through the execution path, but we may need to thread it through the auth system for the command, i.e. we'll need to construct the NamespaceString for the view using the DatabaseName object when checking whether the user is authorized to modify the view. Add a test to both of native_tenant_data_isolation_basic js tests.