Add comments to existence functions

builtin/credential/userpass/path_login.go

@@ -37,9 +37,6 @@ func pathLogin(b *backend) *framework.Path {
 func (b *backend) pathLogin(
 	req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
 	username := strings.ToLower(d.Get("username").(string))
-	if username == "" {
-		return nil, fmt.Errorf("missing username")
-	}
 
 	password := d.Get("password").(string)
 	if password == "" {
@@ -52,7 +49,7 @@ func (b *backend) pathLogin(
 		return nil, err
 	}
 	if user == nil {
-		return logical.ErrorResponse("unknown username or password"), nil
+		return logical.ErrorResponse("username does not exist"), nil
 	}
 
 	// Check for a password match. Check for a hash collision for Vault 0.2+,

builtin/credential/userpass/path_user_password.go

@@ -35,6 +35,8 @@ func pathUserPassword(b *backend) *framework.Path {
 	}
 }
 
+// By always returning true, this endpoint will be enforced to be invoked only upon UpdateOperation.
+// The existence of user will be checked in the operation handler.
 func (b *backend) userPasswordExistenceCheck(req *logical.Request, data *framework.FieldData) (bool, error) {
 	return true, nil
 }

builtin/credential/userpass/path_user_policies.go

@@ -33,6 +33,8 @@ func pathUserPolicies(b *backend) *framework.Path {
 	}
 }
 
+// By always returning true, this endpoint will be enforced to be invoked only upon UpdateOperation.
+// The existence of user will be checked in the operation handler.
 func (b *backend) userPoliciesExistenceCheck(req *logical.Request, data *framework.FieldData) (bool, error) {
 	return true, nil
 }

builtin/credential/userpass/path_users.go

@@ -130,7 +130,6 @@ func (b *backend) userCreateUpdate(req *logical.Request, d *framework.FieldData)
 		userEntry = &UserEntry{}
 	}
 
-	// "password" will always be set here
 	if _, ok := d.GetOk("password"); ok {
 		err = b.updateUserPassword(req, d, userEntry)
 		if err != nil {