transitionToCatalogShard is essentially a wrapper for addShard that adds the config server as a shard capable of storing user data. We have a list of "minimum privileges required to bootstrap a system and add the first user" that we allow when the localhost exception is active (ie there are no users and we're connecting from localhost). Notably, this includes addShard, which raises the question of if we should allow transitionToCatalogShard as well. If transitionToCatalogShard can run, then the cluster is far enough along where we should be able to add a user, so this seems unnecessary, but by that same logic, so is addShard, so we should investigate further.