[FC-0099] refactor: remove casbin redis watcher (openedx#109)

Author: BryanttV

CHANGELOG.rst

@@ -14,8 +14,20 @@ Change Log
 Unreleased
 **********
 
+*
+
+0.6.0 - 2025-10-22
+******************
+
+Changed
+=======
+
 * Use a SyncedEnforcer with default auto load policy.
 
+Removed
+=======
+
+* Remove Casbin Redis watcher from engine configuration.
 
 0.5.0 - 2025-10-21
 ******************

openedx_authz/__init__.py

@@ -4,6 +4,6 @@
 
 import os
 
-__version__ = "0.5.0"
+__version__ = "0.6.0"
 
 ROOT_DIRECTORY = os.path.dirname(os.path.abspath(__file__))

openedx_authz/engine/enforcer.py

@@ -1,19 +1,18 @@
 """
 Core authorization enforcer for Open edX AuthZ system.
 
-Provides a Casbin FastEnforcer instance with extended adapter for database policy
-storage and Redis watcher for distributed policy synchronization.
+Provides a Casbin SyncedEnforcer instance with extended adapter for database policy
+storage and automatic policy synchronization.
 
 Components:
-    - Enforcer: Main FastEnforcer instance for policy evaluation
+    - Enforcer: Main SyncedEnforcer instance for policy evaluation
     - Adapter: ExtendedAdapter for filtered database policy loading
-    - Watcher: Redis-based watcher for real-time policy updates
 
 Usage:
     from openedx_authz.engine.enforcer import AuthzEnforcer
     allowed = enforcer.enforce(user, resource, action)
 
-Requires `CASBIN_MODEL` setting and Redis configuration for watcher functionality.
+Requires `CASBIN_MODEL` setting.
 """
 
 import logging
@@ -23,7 +22,6 @@
 from django.conf import settings
 
 from openedx_authz.engine.adapter import ExtendedAdapter
-from openedx_authz.engine.watcher import Watcher
 
 logger = logging.getLogger(__name__)
 
@@ -32,7 +30,7 @@ class AuthzEnforcer:
     """Singleton class to manage the Casbin SyncedEnforcer instance.
 
     Ensures a single enforcer instance is created safely and configured with the
-    ExtendedAdapter and Redis watcher for policy management and synchronization.
+    ExtendedAdapter for policy management and automatic synchronization.
 
     There are two main use cases for this class:
 
@@ -75,13 +73,12 @@ def _initialize_enforcer() -> SyncedEnforcer:
         """
         Create and configure the Casbin SyncedEnforcer instance.
 
-        This method initializes the FastEnforcer with the ExtendedAdapter
-        for database policy storage and sets up the Redis watcher for real-time
-        policy synchronization if the Watcher is available. It also initializes
-        the enforcer with the specified database alias from settings.
+        This method initializes the SyncedEnforcer with the ExtendedAdapter
+        for database policy storage and automatic policy synchronization.
+        It also initializes the enforcer with the specified database alias from settings.
 
         Returns:
-            SyncedEnforcer: Configured Casbin enforcer with adapter and watcher
+            SyncedEnforcer: Configured Casbin enforcer with adapter and auto-sync
         """
         db_alias = getattr(settings, "CASBIN_DB_ALIAS", "default")
 
@@ -99,14 +96,4 @@ def _initialize_enforcer() -> SyncedEnforcer:
         enforcer.start_auto_load_policy(settings.CASBIN_AUTO_LOAD_POLICY_INTERVAL)
         enforcer.enable_auto_save(True)
 
-        if not Watcher:
-            logger.warning("Redis configuration not completed successfully. Watcher is disabled.")
-            return enforcer
-
-        try:
-            enforcer.set_watcher(Watcher)
-            logger.info("Watcher successfully set on Casbin enforcer")
-        except Exception as e:  # pylint: disable=broad-exception-caught
-            logger.error(f"Failed to set watcher on Casbin enforcer: {e}")
-
         return enforcer

openedx_authz/engine/watcher.py

@@ -24,10 +24,5 @@ def plugin_settings(settings):
     settings.CASBIN_MODEL = os.path.join(
         ROOT_DIRECTORY, "engine", "config", "model.conf"
     )
-    settings.CASBIN_WATCHER_ENABLED = False
     if not hasattr(settings, "CASBIN_AUTO_LOAD_POLICY_INTERVAL"):
         settings.CASBIN_AUTO_LOAD_POLICY_INTERVAL = 5
-    # TODO: Replace with a more dynamic configuration
-    # Redis host and port are temporarily loaded here for the MVP
-    settings.REDIS_HOST = "redis"
-    settings.REDIS_PORT = 6379

openedx_authz/settings/common.py

@@ -69,7 +69,4 @@ def plugin_settings(settings):  # pylint: disable=unused-argument
 
 # Casbin configuration
 CASBIN_MODEL = os.path.join(ROOT_DIRECTORY, "engine", "config", "model.conf")
-CASBIN_AUTO_LOAD_POLICY_INTERVAL = 1
-CASBIN_WATCHER_ENABLED = False
-REDIS_HOST = "redis"
-REDIS_PORT = 6379
+CASBIN_AUTO_LOAD_POLICY_INTERVAL = 0

openedx_authz/settings/test.py

@@ -93,20 +93,9 @@ def setUpClass(cls):
         to add their specific role assignments by calling _assign_roles_to_users.
         """
         super().setUpClass()
+        AuthzEnforcer.get_enforcer().stop_auto_load_policy()
         cls._seed_database_with_policies()
 
-    @classmethod
-    def tearDownClass(cls):
-        """Clean up after all tests in the class.
-
-        Stops the auto-load policy thread to prevent database locking issues
-        with SQLite during concurrent access.
-        """
-        super().tearDownClass()
-        enforcer = AuthzEnforcer.get_enforcer()
-        if hasattr(enforcer, 'stop_auto_load_policy'):
-            enforcer.stop_auto_load_policy()
-
     def setUp(self):
         """Set up test environment."""
         super().setUp()

openedx_authz/tests/api/test_roles.py

@@ -7,7 +7,6 @@ openedx-atlas               # Open edX Atlas library
 attrs                       # Classes without boilerplate
 pycasbin                    # Authorization library for implementing access control models
 casbin-django-orm-adapter   # Adapter for Django ORM for Casbin
-redis-watcher               # Watcher for Redis for Casbin
 edx-opaque-keys             # Opaque keys for resource identification
 edx-api-doc-tools           # Tools for API documentation
 edx-drf-extensions          # Extensions for Django Rest Framework used by Open edX

requirements/base.in

@@ -78,7 +78,6 @@ pycasbin==2.2.0
     # via
     #   -r requirements/base.in
     #   casbin-django-orm-adapter
-    #   redis-watcher
 pycparser==2.23
     # via cffi
 pyjwt[crypto]==2.10.1
@@ -93,10 +92,6 @@ pytz==2025.2
     # via drf-yasg
 pyyaml==6.0.3
     # via drf-yasg
-redis==6.4.0
-    # via redis-watcher
-redis-watcher==1.8.0
-    # via -r requirements/base.in
 requests==2.32.5
     # via edx-drf-extensions
 semantic-version==2.10.0

requirements/base.txt

@@ -223,7 +223,6 @@ pycasbin==2.2.0
     # via
     #   -r requirements/quality.txt
     #   casbin-django-orm-adapter
-    #   redis-watcher
 pycodestyle==2.14.0
     # via -r requirements/quality.txt
 pycparser==2.23
@@ -302,12 +301,6 @@ pyyaml==6.0.3
     #   code-annotations
     #   drf-yasg
     #   edx-i18n-tools
-redis==6.4.0
-    # via
-    #   -r requirements/quality.txt
-    #   redis-watcher
-redis-watcher==1.8.0
-    # via -r requirements/quality.txt
 requests==2.32.5
     # via
     #   -r requirements/quality.txt