Allow restricting to org members

[timja]

It may be useful to restrict commands to org members.

This should be optional and default to not requiring it

[daniel-beck]

This should be the default. We add people to the jenkinsci org on request (no permissions) e.g. to be requested as reviewers, so this would limit abuse significantly.

TBH I struggle to think of a use case that's not easily resolved that way and worth opening up operations to the world.

[timja]

I think that would be fine, and combined with something like this would be better:
#56 (comment)

i.e. each command could declare it's permission level