Problem
Same class of bug as #173 (company) and #187 (billingtype), on the Worker controller.
/v1/worker/:id GET/PATCH/DELETE returns 404 for non-existent ids but 403 for ids that exist but belong to a different tenant. Status-code distinction lets a scoped caller enumerate workerId populations across the whole tenant table.
Fix
Collapse both cases into 404 with the same body. Master-key + own-tenant paths unchanged. Tests pin the new behavior on all three handlers.
Acceptance
- getById: non-master + existing-but-not-yours → 404
- update: non-master + existing-but-not-yours → 404
- remove: non-master + existing-but-not-yours → 404
- tests/api/worker.test.js pin all three
Proudly Made in Nebraska. Go Big Red! 🌽 https://xkcd.com/2347/
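The 403-versus-404 distinction described in this PR and the collapsed form, as an added example that is not the PR's code. The handlers are modelled as plain functions, and every name here (`workers`, `getWorkerLeaky`, `getWorkerFixed`, `NOT_FOUND`, `isIndistinguishable`) and the sample data are hypothetical.

```javascript
// Added illustration, not the project's controller. All names are hypothetical.
// Constructed sample data: worker id -> record with its owning tenant.
const workers = new Map([
  ['w-100', { id: 'w-100', tenantId: 'tenant-a', name: 'Ada' }],
  ['w-200', { id: 'w-200', tenantId: 'tenant-b', name: 'Bo' }],
]);

// One shared response object, so "missing" and "not yours" cannot drift apart.
const NOT_FOUND = Object.freeze({ status: 404, body: { error: 'Worker not found' } });

// Before: the 403 branch confirms that the id exists in some other tenant.
function getWorkerLeaky(caller, id) {
  const worker = workers.get(id);
  if (!worker) return NOT_FOUND;
  if (!caller.isMaster && worker.tenantId !== caller.tenantId) {
    return { status: 403, body: { error: 'Forbidden' } };
  }
  return { status: 200, body: worker };
}

// After: existence and ownership are checked together and share one 404 branch.
// Master-key and own-tenant callers still get the record.
function getWorkerFixed(caller, id) {
  const worker = workers.get(id);
  const visible = worker && (caller.isMaster || worker.tenantId === caller.tenantId);
  if (!visible) return NOT_FOUND;
  return { status: 200, body: worker };
}

// Regression check: for a scoped caller, a foreign id and a nonexistent id
// must produce responses that serialize identically (status and body).
function isIndistinguishable(handler, caller, foreignId, missingId) {
  return JSON.stringify(handler(caller, foreignId)) ===
         JSON.stringify(handler(caller, missingId));
}

const scoped = { tenantId: 'tenant-a', isMaster: false };
console.log('leaky handler indistinguishable:',
  isIndistinguishable(getWorkerLeaky, scoped, 'w-200', 'w-999'));
console.log('fixed handler indistinguishable:',
  isIndistinguishable(getWorkerFixed, scoped, 'w-200', 'w-999'));
```

Comparing the whole serialized response rather than only the status code also catches a body that differs between the two cases.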