Backport of treat logical.ErrRelativePath as 400 instead of 500 into release/1.8.x

[hc-github-team-secure-vault-core]

Backport

This PR is auto-generated from #14328 to be assessed for backporting due to the inclusion of the label backport/1.8.x.

WARNING automatic cherry-pick of commits failed. Commits will require human attention.

The below text is copied from the body of the original PR.

---

The userpass auth backend may return a 500 Internal Server Error to attempts to read or write usernames that contain ... The underlying cause is a check performed in StorageView. SanityCheck. It is theoretically possible for other endpoints to result in a 500 response for a path that contains ... The policies endpoints, for example sys/policies/acl/:path, have their own error handling which results in returning a 400 for various errors:

❯ bin/vault read sys/policies/acl/foo..bar
Error reading sys/policies/acl/foo..bar: Error making API request.

URL: GET http://127.0.0.1:8200/v1/sys/policies/acl/foo..bar
Code: 400. Errors:

* failed to read policy: relative paths not supported

The proposed fix is to treat logical.ErrRelativePath as a 400. Rather than do this directly within the userpass logic, it is done at a higher level in the request handling logic so that it has broad coverage across any backend.

❯ bin/vault read auth/userpass/users/foo..bar
Error reading auth/userpass/users/foo..bar: Error making API request.

URL: GET http://127.0.0.1:8200/v1/auth/userpass/users/foo..bar
Code: 400. Errors:

* 1 error occurred:
        * relative paths not supported

[hashicorp-cla]

All committers have signed the CLA.

[swayne275]

it looks like api is undefined in http/logical_test.go here