Once the ResourcePattern and ParsedPrivilege APIs handle tenantIds, change any remaining call sites to NamespaceString::createNamespaceStringForAuth to call the appropriate method on NamespaceStringUtil to construct NamespaceStrings instead. Then, remove NamespaceString::createNamespaceStringForAuth, as it skips validation that tenantIds exist when they should.

Note that the current model for db-only resource patterns includes the db.coll delimiter.  In order to more accurately match the `NamespaceString(const DatabaseName&)` constructor's behavior, we should move auth usages of dbonly patterns to not include the delimiter.  This will require careful review of AuthorizationSessionImpl and UserManagementCommands.