Better access control

[Rowbotronics]

We need more granular access control in order to allow users to access only certain functions depending on group. User and group info will come from WA for now. Looks like we can get this functionality by replacing flask_login with something like flask_security.

• Replace host name and email fields with a link to a user in the database.
• Allow all users to do check-ins for their own classes (pending completion of Event check-ins #58)
• Allow all users to submit and edit their own draft events (pending completion of Create form for new event submissions #37)