From d03e70f6bc2fe8977b32c38c7aa05fb449754921 Mon Sep 17 00:00:00 2001
From: Caleb Tennis <caleb.tennis@gmail.com>
Date: Tue, 11 Aug 2015 20:18:52 -0400
Subject: [PATCH] Fix #392 by giving a more specific error

---
 vault/auth.go      |  2 +-
 vault/auth_test.go | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/vault/auth.go b/vault/auth.go
index b60534acd0..28c217d171 100644
--- a/vault/auth.go
+++ b/vault/auth.go
@@ -52,7 +52,7 @@ func (c *Core) enableCredential(entry *MountEntry) error {
 		case strings.HasPrefix(ent.Path, entry.Path):
 			fallthrough
 		case strings.HasPrefix(entry.Path, ent.Path):
-			return fmt.Errorf("path already in use")
+			return logical.CodedError(409, "path already in use")
 		}
 	}
 
diff --git a/vault/auth_test.go b/vault/auth_test.go
index d74103b00a..e55adea67c 100644
--- a/vault/auth_test.go
+++ b/vault/auth_test.go
@@ -76,6 +76,33 @@ func TestCore_EnableCredential(t *testing.T) {
 	}
 }
 
+func TestCore_EnableCredential_twice_409(t *testing.T) {
+	c, _, _ := TestCoreUnsealed(t)
+	c.credentialBackends["noop"] = func(*logical.BackendConfig) (logical.Backend, error) {
+		return &NoopBackend{}, nil
+	}
+
+	me := &MountEntry{
+		Path: "foo",
+		Type: "noop",
+	}
+	err := c.enableCredential(me)
+	if err != nil {
+		t.Fatalf("err: %v", err)
+	}
+
+    // 2nd should be a 409 error
+    err2 := c.enableCredential(me)
+    switch err2.(type) {
+        case logical.HTTPCodedError:
+            if err2.(logical.HTTPCodedError).Code() != 409 {
+                t.Fatalf("invalid code given")
+            }
+        default:
+            t.Fatalf("expected a different error type")
+    }
+}
+
 func TestCore_EnableCredential_Token(t *testing.T) {
 	c, _, _ := TestCoreUnsealed(t)
 	me := &MountEntry{