✨(backend) add trusted user access level for rooms

Introduce new intermediate access level between public and restricted that
allows authenticated users to join rooms without admin approval. Not making
this the default level yet as current 12hr sessions would create painful
user experience for accessing rooms. Will reconsider default settings after
improving session management.

This access level definition may evolve to become stricter in the future,
potentially limiting access to authenticated users who share the same
organization as the room admin.

src/backend/core/api/serializers.py

@@ -128,7 +128,16 @@ class RoomSerializer(serializers.ModelSerializer):
         if not is_admin:
             del output["configuration"]
 
-        if role is not None or instance.is_public:
+        should_access_room = (
+            (
+                instance.access_level == models.RoomAccessLevel.TRUSTED
+                and request.user.is_authenticated
+            )
+            or role is not None
+            or instance.is_public
+        )
+
+        if should_access_room:
             room_id = f"{instance.id!s}"
             username = request.query_params.get("username", None)
             output["livekit"] = utils.generate_livekit_config(