Gabriel Kaszewski
4067dedb28
Ownership checks (delete_review, confirm/dismiss watch events) now return Forbidden instead of Unauthorized. Presentation layer maps DomainError→StatusCode via domain_error_response helper, replacing verbose per-handler match arms.