updated to hide hidden fields in frontentmetadata, updated error responses

qqq-backend-core/src/main/java/com/kingsrook/qqq/backend/core/model/metadata/frontend/QFrontendTableMetaData.java

@@ -91,9 +91,13 @@ public class QFrontendTableMetaData
       {
          this.primaryKeyField = tableMetaData.getPrimaryKeyField();
          this.fields = new HashMap<>();
-         for(Map.Entry<String, QFieldMetaData> entry : tableMetaData.getFields().entrySet())
+         for(String fieldName : tableMetaData.getFields().keySet())
          {
-            this.fields.put(entry.getKey(), new QFrontendFieldMetaData(entry.getValue()));
+            QFieldMetaData field = tableMetaData.getField(fieldName);
+            if(!field.getIsHidden())
+            {
+               this.fields.put(fieldName, new QFrontendFieldMetaData(field));
+            }
          }
 
          this.sections = tableMetaData.getSections();

qqq-middleware-api/src/main/java/com/kingsrook/qqq/api/javalin/QJavalinApiHandler.java

@@ -1131,13 +1131,13 @@ public class QJavalinApiHandler
       {
          if(e instanceof QAuthenticationException)
          {
-            respondWithError(context, HttpStatus.Code.UNAUTHORIZED, e.getMessage(), apiLog); // 401
+            respondWithError(context, HttpStatus.Code.UNAUTHORIZED, "The required authentication credentials were missing or invalid.", apiLog); // 401
             return;
          }
 
          if(e instanceof QPermissionDeniedException)
          {
-            respondWithError(context, HttpStatus.Code.FORBIDDEN, e.getMessage(), apiLog); // 403
+            respondWithError(context, HttpStatus.Code.FORBIDDEN, "You do not have permission to access the requested resource.", apiLog); // 403
             return;
          }