Data officer can change institution in unwanted moments

[RubenFricke]

Describe the bug
The data officer can change data from the users that are linked to the same institution. this behavior is desirable. However, the data officer can change the institution id users are linked to, this brings unwanted behavior we do not want.

For example, a certain data officer with institution id = 1, would like to change a user from the same institution and changes the institution id = 2. This is possible because he changed the user that had initially the same institution, however it links the user to an institution he doesn't have any rights to.

The same applies to the data officer self. The data officer can change his own institution id to link himself to other institutions.

To Reproduce
Steps to reproduce the behavior:

1. Find a user with the same institution as an officer id.
2. Change this user with the officer id, and update the institution id
3. The institution id is changed to an institution the data officer has no rights for

Expected behavior
The data officer should not be able to change the institution id, but should be able to delete the institution id if he wants to unlink a user from their institution.