
Users can know whether a channel was deleted or made hidden #941

@PilkeySEK

Summary

Fluxer does not send channels which the user does not have permission to view to the user (unlike Discord). However, a user can find out whether a channel has been deleted or just made hidden if they know the channel ID, by using the API. This is not a big deal, but since Fluxer is already fully hiding channels, the behavior should be changed here so that it is truly not possible to know this information either.
The API will return 403 instead of 404 when requesting channel info for a channel which you do not have access to view.
An example is a channel in Fluxer HQ which has been archived: GET https://api.fluxer.app/v1/channels/1494000808691269576.

Steps to reproduce

  1. Know the ID of a channel which you don't have permission to view. This can be achieved by using an alt account.
  2. Send GET https://api.fluxer.app/v1/channels/:channel_id with authorization.
  3. The API will respond 403 Forbidden with MISSING_PERMISSIONS. It should return 404 as if the channel didn't exist, in my opinion.

Environment (optional)

canary build 485 (e1d3a7b), 2026-04-27 18:03:32 UTC, Electron 41.2.2, Linux 6.19.13-arch1-1 (x64), desktop canary 0.0.50

Also works when not using the canary API (api.fluxer.app and not web.canary.fluxer.app/api).

Logs or screenshots (optional)

No response

Checks

  • I searched for existing issues and didn't find a duplicate.
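The difference between the reported and the proposed behaviour, as an added example that is not part of the original issue and not Fluxer's code. The in-memory store, the function names, the channel IDs and the `UNKNOWN_CHANNEL` error code are assumptions made for illustration; only `MISSING_PERMISSIONS` and the 403/404 statuses come from the report.

```python
from dataclasses import dataclass, field


@dataclass
class Channel:
    id: int
    name: str
    viewers: set = field(default_factory=set)  # user ids allowed to view


# Constructed sample data: 1001 is visible to alice, 1002 exists but is hidden
# from her, and 1003 was deleted, so it is absent from the store.
CHANNELS = {
    1001: Channel(1001, "general", {"alice", "bob"}),
    1002: Channel(1002, "archived", {"bob"}),
}

# "UNKNOWN_CHANNEL" is an assumed error code; MISSING_PERMISSIONS is from the issue.
NOT_FOUND = (404, {"code": "UNKNOWN_CHANNEL"})
FORBIDDEN = (403, {"code": "MISSING_PERMISSIONS"})


def get_channel_leaky(user, channel_id):
    """Reported behaviour: hidden and deleted channels answer differently."""
    ch = CHANNELS.get(channel_id)
    if ch is None:
        return NOT_FOUND
    if user not in ch.viewers:
        return FORBIDDEN  # confirms that the ID still exists
    return (200, {"id": ch.id, "name": ch.name})


def get_channel_uniform(user, channel_id):
    """Proposed behaviour: no view permission looks exactly like no channel."""
    ch = CHANNELS.get(channel_id)
    if ch is None or user not in ch.viewers:
        return NOT_FOUND  # same status and same body on both paths
    return (200, {"id": ch.id, "name": ch.name})


def leaks_existence(handler, user, hidden_id, deleted_id):
    """Regression check: True if status or body differs between the two cases."""
    return handler(user, hidden_id) != handler(user, deleted_id)
```

The regression check compares the whole response, since a shared 404 status with a different error body would still separate the two cases.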

Labels: bug (Something isn't working)
