productentry: cross-tenant GET/PATCH/DELETE returns 403 — same class as #213 (secure-404) #217

@CryptoJones

Problem

Same class as the eight prior secure-404 fixes (#173 / #187 / #191 / #195 / #199 / #203 / #209 / #213), now on the job-cascade-scoped ProductEntry: pentJobId → Job.jobCustId → Customer.custCompId. Scoped callers can enumerate pentId populations by status code.

Fix

Collapse both cases into 404. Cascade auth resolution preserved.

Proudly Made in Nebraska. Go Big Red! 🌽 https://xkcd.com/2347/
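
The secure-404 pattern this issue asks for, as an added JavaScript sketch that is not the project's code. The field names `pentId`, `pentJobId`, `jobCustId` and `custCompId` come from the issue; the in-memory Maps, the constructed sample rows and every function name are assumptions made for illustration.

```javascript
// Added illustration, not the project's code. In-memory Maps stand in for the
// database; every row below is constructed sample data.
const customers = new Map([[10, { custId: 10, custCompId: 1 }],
                           [20, { custId: 20, custCompId: 2 }]]);
const jobs = new Map([[100, { jobId: 100, jobCustId: 10 }],
                      [200, { jobId: 200, jobCustId: 20 }]]);
const productEntries = new Map([[1000, { pentId: 1000, pentJobId: 100 }],
                                [2000, { pentId: 2000, pentJobId: 200 }]]);

// Cascade resolution: pentJobId -> Job.jobCustId -> Customer.custCompId.
// Returns the owning company id, or null if any link in the chain is missing.
function owningCompanyId(entry) {
  const job = jobs.get(entry.pentJobId);
  const customer = job && customers.get(job.jobCustId);
  return customer ? customer.custCompId : null;
}

// Before: 403 vs 404 tells a scoped caller which pentIds exist in other tenants.
function getEntryLeaky(callerCompId, pentId) {
  const entry = productEntries.get(pentId);
  if (!entry) return { status: 404, body: { error: 'Not found' } };
  if (owningCompanyId(entry) !== callerCompId)
    return { status: 403, body: { error: 'Forbidden' } };
  return { status: 200, body: entry };
}

// After: missing, orphaned and cross-tenant rows all share one 404 response.
// The cascade lookup still runs, so authorization resolution is unchanged.
function getEntrySecure(callerCompId, pentId) {
  const entry = productEntries.get(pentId);
  if (!entry || owningCompanyId(entry) !== callerCompId)
    return { status: 404, body: { error: 'Not found' } };
  return { status: 200, body: entry };
}

// Regression check: a foreign id must be byte-for-byte indistinguishable
// from an id that does not exist, in status and in body.
function indistinguishable(handler, callerCompId, foreignId, missingId) {
  return JSON.stringify(handler(callerCompId, foreignId)) ===
         JSON.stringify(handler(callerCompId, missingId));
}
```

The same comparison applies to PATCH and DELETE, and it should cover the response body as well as the status code, since a differing error message leaks the same information.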
