closes #226 (closed)
Add course level security for most important endpoints. This means that only users that have been added to a course will be able to view assignments and submission related to those courses.
Added a security service to most controllers. Using preauthorize SPeL statements works in production, however this is not testable for some reason (Spring cannot find a matching service name). The security service handles authorization requests, which have to be added to endpoints manually.
Added testing classes which can be used to test future controllers.
To be filled in by the reviewers