Validate a deserialized method reference. This hook is called after a method has been deserialized (either by importing or reconstructing), but before it is used. When Called ----------- - After deserializing bound methods - After reconstructing loca
(self, method, is_local: bool, **kwargs)
| 276 | return None |
| 277 | |
| 278 | def validate_method(self, method, is_local: bool, **kwargs): |
| 279 | """Validate a deserialized method reference. |
| 280 | |
| 281 | This hook is called after a method has been deserialized (either by importing |
| 282 | or reconstructing), but before it is used. |
| 283 | |
| 284 | When Called |
| 285 | ----------- |
| 286 | - After deserializing bound methods |
| 287 | - After reconstructing local methods from serialized code |
| 288 | - Before the method is stored or called |
| 289 | |
| 290 | Security Use Cases |
| 291 | ------------------ |
| 292 | - Validate that methods belong to expected classes |
| 293 | - Block methods that could perform dangerous operations |
| 294 | - Audit method references for security logging |
| 295 | |
| 296 | Args: |
| 297 | method (method): The deserialized bound method object. |
| 298 | is_local (bool): True if the method's class is local, False if global. |
| 299 | **kwargs: Reserved for future extensions. |
| 300 | |
| 301 | Raises: |
| 302 | Exception: Raise any exception to reject the method. |
| 303 | |
| 304 | Example: |
| 305 | >>> class MethodChecker(DeserializationPolicy): |
| 306 | ... def validate_method(self, method, is_local, **kwargs): |
| 307 | ... # Block methods from dangerous classes |
| 308 | ... if method.__self__.__class__.__name__ == 'FileRemover': |
| 309 | ... raise ValueError("FileRemover methods not allowed") |
| 310 | |
| 311 | Note: |
| 312 | `check_method` is an alias for this hook. |
| 313 | """ |
| 314 | return None |
| 315 | |
| 316 | def validate_module(self, module_name: str, *, is_local: bool, **kwargs): |
| 317 | """Validate a deserialized module reference. |
no outgoing calls
no test coverage detected