Resolve "Guests are able to connect as a patient"

What does this MR do?

Any user was able to start/join a room as the patient as long as they somehow managed to find the tablet path, while this tablet path should be sufficiently long enough to deter any adversaries, authorizing the user makes more sense.

Actions taken to fix the bug

Both the calls to join/start a room as a patient now includes the @PreAuthorize annotation with the roles STAFF or ADMIN.

Does this MR meet the acceptance criteria?

• I have added tests to validate the fix.
• I have updated the documentation accordingly.
• I have added translations for all new client-side text. closes #99 (closed)