2026-04-09 04:42:19 +00:00
1 changed files with 2 additions and 2 deletions
--- a/backend/app/api/endpoints/steps.py
+++ b/backend/app/api/endpoints/steps.py
@@ -47,10 +47,10 @@ async def get_step_or_404(
        raise HTTPException(status_code=404, detail="Step not found")

    if check_view and not can_view_step(current_user, step):
-        raise HTTPException(status_code=403, detail="Not authorized to view this step")
+        raise HTTPException(status_code=404, detail="Step not found")

    if check_edit and not can_edit_step(current_user, step):
-        raise HTTPException(status_code=403, detail="Not authorized to modify this step")
+        raise HTTPException(status_code=404, detail="Step not found")

    return step