Bug 1823065: Site staff should not see users outside 'no institution'

When $cfg->isolatedistitutions are turned on because if they can and
message a user that user can't reply to them

Also fixed default filter option from throwing error if current user
is in no institution

Also fix up online users - consolidate duplicate code and restrict
non-admins in no institution is isolated institutions is turned on

behatnotneeded

Change-Id: I5828147461f513bb392598d62337d417e631e6f2
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 279c33c4)