🔒️(admin) make recording fields read-only for security and performance

These values should not be updated from the admin interface. Allowing changes
to a recording’s associated room could lead to data leaks (e.g., notifications
being resent to the wrong users after a malicious modification).

Also remove the room select field, which rendered a dropdown with ~150k options,
flooding the DOM and severely degrading page performance.

src/backend/core/admin.py

@@ -213,7 +213,16 @@ class RecordingAdmin(admin.ModelAdmin):
     )
     list_filter = ["created_at"]
     list_select_related = ("room",)
-    readonly_fields = ["id", "created_at", "updated_at"]
+    readonly_fields = (
+        "id",
+        "created_at",
+        "options",
+        "mode",
+        "room",
+        "status",
+        "updated_at",
+        "worker_id",
+    )
     actions = [resend_notification]
 
     def get_queryset(self, request):