Yes, this is the right way of doing it. As @shirleyquick pointed out in his earlier reply you would need to validate inputs at the boundary to your API. This makes intuitive sense when we look at things like web API which needs to make sure one user can't access another users data for example, or that it can't set their own name to be an empty string.
Your scenario appears to be trying to protect users from doing something wrong by accident (you will never manage to prevent malice as long as they're importing a local module). The solution is, as @shirleyquirk displayed, to not export the constructs required for doing bad things. If you want the user to be able to read or write fields (but only with valid values) it's trivial to set up getters and setters for your fields in your module. And @Araq, I agree that for this example it doesn't make much sense to keep the string around instead of parsing to an enum. But for more complex types where you don't want to pay the penalty of demarshaling or converting data types it makes more sense. For example a library like my jsonschema which validates that a given JSON object follows a schema and returns a distinct JsonNode type with only acessors for the defined fields.
