additional tests, one fix

webgoat-lessons/missing-function-ac/src/main/java/org/owasp/webgoat/plugin/MissingFunctionACHiddenMenus.java

@@ -27,7 +27,7 @@ import java.util.Map;
 
 @AssignmentPath("/access-control/hidden-menu")
 @AssignmentHints({"access-control.hidden-menus.hint1","access-control.hidden-menus.hint2","access-control.hidden-menus.hint3"})
-public class HiddenMenuItems extends AssignmentEndpoint {
+public class MissingFunctionACHiddenMenus extends AssignmentEndpoint {
     //UserSessionData is bound to session and can be used to persist data across multiple assignments
     @Autowired
     UserSessionData userSessionData;
@@ -46,7 +46,7 @@ public class HiddenMenuItems extends AssignmentEndpoint {
         }
 
         if (hiddenMenu1.equals("Config") && hiddenMenu2.equals("Users")) {
-            return trackProgress(success()
+            return trackProgress(failed()
                     .output("")
                     .feedback("access-control.hidden-menus.close")
                     .build());

webgoat-lessons/missing-function-ac/src/main/resources/i18n/WebGoatLabels.properties

@@ -1,6 +1,6 @@
 missing-function-access-control.title=Missing Function Level Access Control
 
-access-control.hidden-menus.success=Correct! And not hard to find are they?!? For the next lab, note that the endpoints are at /WebGoat/access-control/list-users and /WebGoat/access-control/add-user
+access-control.hidden-menus.success=Correct! And not hard to find are they?!? One of these urls will be helpful in the next lab.
 access-control.hidden-menus.close=Close. Remember that when hacking ... details such as order,case and the like matter.
 access-control.hidden-menus.failure=Please try again.