From 9efbb932037fe1ce4955c047f18e3cadeed60d19 Mon Sep 17 00:00:00 2001
From: lxiaopei <lxiaopei@vmware.com>
Date: Thu, 10 Dec 2020 02:51:47 +0800
Subject: [PATCH] Add Create identity with cert

since POST /api/v1/trust-management/principal-identities is deprecated.

Change-Id: I5ff5f05aa6ba0e38523e6d4d8009e6aaa67449c8
(cherry picked from commit 5af19175cde098b3eaa27983e161784e643860ca)
---
 .../tests/unit/v3/test_trust_management.py    | 21 +++++++++++++++++++
 vmware_nsxlib/v3/trust_management.py          |  9 ++++++++
 2 files changed, 30 insertions(+)

diff --git a/vmware_nsxlib/tests/unit/v3/test_trust_management.py b/vmware_nsxlib/tests/unit/v3/test_trust_management.py
index f5a9c3d1..0d14deda 100644
--- a/vmware_nsxlib/tests/unit/v3/test_trust_management.py
+++ b/vmware_nsxlib/tests/unit/v3/test_trust_management.py
@@ -64,3 +64,24 @@ class TestNsxLibTrustManagement(nsxlib_testcase.NsxClientTestCase):
             return_value={'results': consts.FAKE_CERT_LIST}):
             results = self.nsxlib.trust_management.find_cert_with_pem(pem)
             self.assertEqual(1, len(results))
+
+    def test_create_identity_with_cert(self):
+        fake_pem = consts.FAKE_CERT_PEM
+        name = "test-identity"
+        cert_api = self.nsxlib.trust_management
+        body = {
+            'name': name,
+            'certificate_pem': fake_pem,
+            'node_id': 'test_node_id',
+            'role': 'enterprise_admin',
+            'is_protected': True
+        }
+        with mock.patch.object(self.nsxlib.client, 'create') as create:
+            cert_api.create_identity_with_cert(
+                name=name,
+                cert_pem=fake_pem,
+                node_id='test_node_id',
+                role='enterprise_admin')
+            create.assert_called_with(
+                'trust-management/principal-identities/with-certificate',
+                body)
diff --git a/vmware_nsxlib/v3/trust_management.py b/vmware_nsxlib/v3/trust_management.py
index 024c4db9..168694de 100644
--- a/vmware_nsxlib/v3/trust_management.py
+++ b/vmware_nsxlib/v3/trust_management.py
@@ -19,6 +19,7 @@ from vmware_nsxlib.v3 import utils
 BASE_SECTION = 'trust-management'
 CERT_SECTION = BASE_SECTION + '/certificates'
 ID_SECTION = BASE_SECTION + '/principal-identities'
+ID_WITH_CERT_SECTION = BASE_SECTION + '/principal-identities/with-certificate'
 USER_GROUP_TYPES = [
     'read_only_api_users',
     'read_write_api_users',
@@ -134,3 +135,11 @@ class NsxLibTrustManagement(utils.NsxLibApiBase):
         except nsxlib_exc.ManagerError as e:
             self.delete_cert(nsx_cert_id)
             raise e
+
+    def create_identity_with_cert(self, name, cert_pem,
+                                  node_id, role,
+                                  is_protected=True):
+        body = {'name': name, 'certificate_pem': cert_pem,
+                'node_id': node_id, 'role': role,
+                'is_protected': is_protected}
+        self.client.create(ID_WITH_CERT_SECTION, body)