Validate v2 API enum parameters

[caydyan]

Supersedes #3377 with the same fix rebased onto the current develop branch.

This validates v2 API enum parameters at the shared request-argument layer.

Route metadata already exposes Literal[...] annotations as enum[str] with a members list, but prepare_args() did not enforce those members. Unsupported enum values could pass through to query functions, turning invalid requests into successful but misleading responses such as /v2/orders?status=invalid-status.

Details:

• Rejects unsupported enum values before query execution using the existing API 400 response path.
• Supports comma-separated enum filters for routes that already accept CSV values in the query layer.
• Preserves dispenser numeric status aliases such as status=0.

Tests:

• python -m pytest counterpartycore/test/units/api/apiserver_test.py::test_invalid_enum_param_rejected counterpartycore/test/units/api/apiserver_test.py::test_valid_csv_enum_param_accepted -q
• python -m pytest counterpartycore/test/units/api/apiserver_test.py -q
• python -m ruff check counterpartycore/lib/api/apiserver.py counterpartycore/lib/api/routes.py counterpartycore/test/units/api/apiserver_test.py
• python -m ruff format --check counterpartycore/lib/api/apiserver.py counterpartycore/lib/api/routes.py counterpartycore/test/units/api/apiserver_test.py
• git diff --check

Bounty payment address (BTC): bc1qev5ant33v5y89qqjvcf4mh9hlax5svqf5xd7gc