Restrict deploy targets by department
Fixes #11 (closed)
The issue proposed to use LDAP groups to control access. I used the study's department instead because that was already at hand and is also consistent for all members of the study. We do not expect this to be a security issue because there is an approval step anyway.