fix: add missing /custom_field_values/:id page to read_only and normal_user

- Add /custom_field_values/:id to read_only pages (users can view list, should also view details)
- Add /custom_field_values/:id to normal_user pages
- Refactor tests to reduce duplication (use for-comprehension for structure tests)
- Add tests for invalid input types in valid_permission_set?/1
- Update @spec for valid_permission_set?/1 to accept any() type

lib/mv/authorization/permission_sets.ex

@@ -146,7 +146,9 @@ defmodule Mv.Authorization.PermissionSets do
         # Member detail
         "/members/:id",
         # Custom field values overview
-        "/custom_field_values"
+        "/custom_field_values",
+        # Custom field value detail
+        "/custom_field_values/:id"
       ]
     }
   end
@@ -184,6 +186,8 @@ defmodule Mv.Authorization.PermissionSets do
         # Edit member
         "/members/:id/edit",
         "/custom_field_values",
+        # Custom field value detail
+        "/custom_field_values/:id",
         "/custom_field_values/new",
         "/custom_field_values/:id/edit"
       ]
@@ -230,6 +234,11 @@ defmodule Mv.Authorization.PermissionSets do
     }
   end
 
+  def get_permissions(invalid) do
+    raise ArgumentError,
+          "invalid permission set: #{inspect(invalid)}. Must be one of: #{inspect(all_permission_sets())}"
+  end
+
   @doc """
   Checks if a permission set name (string or atom) is valid.
 
@@ -244,7 +253,7 @@ defmodule Mv.Authorization.PermissionSets do
       iex> PermissionSets.valid_permission_set?("invalid")
       false
   """
-  @spec valid_permission_set?(String.t() | atom()) :: boolean()
+  @spec valid_permission_set?(any()) :: boolean()
   def valid_permission_set?(name) when is_binary(name) do
     case permission_set_name_to_atom(name) do
       {:ok, _atom} -> true