assertTrue(filter.accept(mockDir, "document.txt"), "Should accept .txt files in the correct path");
        assertFalse(filter.accept(mockDir, "image.png"), "Should reject non-.txt files");
        assertFalse(filter.accept(mockDir, null), "Should reject null names");

        // Verify getPath was called three times (once for each accept call)
        verify(mockDir, times(3)).getPath();
        verifyNoMoreInteractions(mockDir);

	}

	// If we have too many waiting, reject this at once.
	if l.waitMutex.Load() > lockMutexWaitLimit {
		l.locksOverloaded.Add(1)
		return false, nil
	}
	// Wait for mutex
	defer l.getMutex()()
	if ctx.Err() != nil {
		return false, ctx.Err()
	}
	if !l.canTakeLock(args.Resources...) {
		// Not all locks can be taken on resources,
		// reject it completely.
		return false, nil
	}

Your API now has the power to control its own <abbr title="This is a joke, just in case. It has nothing to do with cookie consents, but it's funny that even the API can now reject the poor cookies. Have a cookie. 🍪">cookie consent</abbr>. 🤪🍪

You can use Pydantic's model configuration to `forbid` any `extra` fields:

{* ../../docs_src/cookie_param_models/tutorial002_an_py39.py hl[10] *}

        SmbFileFilter filter = f -> f.length() > 0;

        // negative size -> reject
        when(smbFile.length()).thenReturn(-1L);
        assertFalse(filter.accept(smbFile), "Negative size should be rejected");
        verify(smbFile, times(1)).length();

        // zero size -> reject
        reset(smbFile);
        when(smbFile.length()).thenReturn(0L);

        assertTrue(key.isZero());
        assertArrayEquals(zeroBytes, key.getKey());
    }

    @Test
    @DisplayName("Should reject null key")
    void testNullKey() {
        assertThrows(IllegalArgumentException.class, () -> new Smb2LeaseKey(null));
    }

    @Test
    @DisplayName("Should reject wrong size key")
    void testWrongSizeKey() {
        assertThrows(IllegalArgumentException.class, () -> new Smb2LeaseKey(new byte[15]));

			success: false,
		},
		// duplicate 'expiration' reject
		{

	if cred.AccessKey == "" {
		return ErrAccessDenied
	}

	conditions := getConditionValues(r, "", cred)
	conditions["object-lock-mode"] = []string{string(retMode)}
	conditions["object-lock-retain-until-date"] = []string{retDate.UTC().Format(time.RFC3339)}
	if retDays > 0 {
		conditions["object-lock-remaining-retention-days"] = []string{strconv.Itoa(retDays)}
	}
	if retMode == objectlock.RetGovernance && byPassSet {

        @Test
        @DisplayName("Should reject null data buffer in sign method")
        void testSignNullDataBuffer() {
            assertThrows(IllegalArgumentException.class, () -> digest.sign(null, 0, 100, request, response),
                    "Should throw IllegalArgumentException for null data buffer");
        }

        @Test
        @DisplayName("Should reject negative offset in sign method")

     * Maybe flag - indicates 'maybe' call semantics requested
     */
    int DCERPC_MAYBE = 0x40; /* `maybe' call semantics requested */
    /**
     * Object UUID flag - if true, a non-nil object UUID is present
     */
    int DCERPC_OBJECT_UUID = 0x80; /* if true, a non-nil object UUID */

    // Packet Types (ptype)
    /**
     * Request packet type
     */
    int RPC_PT_REQUEST = 0x00;
    /**
     * Ping packet type

// record is formatted as:
//
//	"%d %s=%s\n" % (size, key, value)
//
// Keys and values should be UTF-8, but the number of bad writers out there
// forces us to be a more liberal.
// Thus, we only reject all keys with NUL, and only reject NULs in values
// for the PAX version of the USTAR string fields.
// The key must not contain an '=' character.
func validPAXRecord(k, v string) bool {
	if k == "" || strings.Contains(k, "=") {