1 files changed, 21 insertions, 10 deletions

diff --git a/src/mongo/db/auth/user.cpp b/src/mongo/db/auth/user.cpp
index f98fa52550c..36039d2ef14 100644
--- a/src/mongo/db/auth/user.cpp
+++ b/src/mongo/db/auth/user.cpp
@@ -41,7 +41,22 @@
 
 namespace mongo {
 
-User::User(const UserName& name) : _name(name), _id(), _refCount(0), _isValid(1) {}
+namespace {
+
+SHA256Block computeDigest(const UserName& name, const boost::optional<OID>& id) {
+    const auto& fn = name.getFullName();
+
+    if (id) {
+        return SHA256Block::computeHash({id->toCDR(), ConstDataRange(fn.c_str(), fn.size())});
+    } else {
+        return SHA256Block::computeHash({ConstDataRange(fn.c_str(), fn.size())});
+    }
+};
+
+}  // namespace
+
+User::User(const UserName& name)
+    : _name(name), _id(), _digest(computeDigest(_name, _id)), _refCount(0), _isValid(1) {}
 
 User::~User() {
     dassert(_refCount == 0);
@@ -55,6 +70,10 @@ const boost::optional<OID>& User::getID() const {
     return _id;
 }
 
+const SHA256Block& User::getDigest() const {
+    return _digest;
+}
+
 RoleNameIterator User::getRoles() const {
     return makeRoleNameIteratorForContainer(_roles);
 }
@@ -87,17 +106,9 @@ const ActionSet User::getActionsForResource(const ResourcePattern& resource) con
     return it->second.getActions();
 }
 
-User* User::clone() const {
-    std::unique_ptr<User> result(new User(_name));
-    result->_id = _id;
-    result->_privileges = _privileges;
-    result->_roles = _roles;
-    result->_credentials = _credentials;
-    return result.release();
-}
-
 void User::setID(boost::optional<OID> id) {
     _id = std::move(id);
+    _digest = computeDigest(_name, _id);
 }
 
 void User::setCredentials(const CredentialData& credentials) {