[Instruments] Site/Project permission issues

[laemtl]

Users can have access to candidates' information they don't have permission to access if they have the direct link. (ex: /instruments/aosi/?candID=300258&sessionID=1578&commentID=DDE_300258OTT2581578261524668110)

To reproduce

• Login with the admin user, go to Reports > Statistics > Behavioural
• Click Click here for breakdown per participant or Click here for breakdown per participant
• Click on a candidate from a particular site/project and save the url
• Login with another user with no permission for that particular site/project
• User can see the page

Closely related to #6934