refactor: Add RBAC admin cache constants

Author: Tycho Hob

openedx_authz/engine/enforcer.py

@@ -151,8 +151,6 @@ def configure_enforcer_auto_save_and_load(cls):
 
         if auto_load_policy_interval > 0:
             cls.configure_enforcer_auto_loading(auto_load_policy_interval)
-        else:
-            logger.warning("CASBIN_AUTO_LOAD_POLICY_INTERVAL is not set or zero; auto-load is disabled.")
 
         cls.configure_enforcer_auto_save(auto_save_policy)
 

openedx_authz/engine/matcher.py

@@ -6,6 +6,9 @@
 from openedx_authz.api.data import ContentLibraryData, ScopeData, UserData
 from openedx_authz.rest_api.utils import get_user_by_username_or_email
 
+RBAC_ADMIN_CACHE_KEY_FMT = "rbac_is_admin_or_superuser_{username}"
+RBAC_ADMIN_CACHE_TIMEOUT_SECS = 2
+
 User = get_user_model()
 
 
@@ -36,8 +39,8 @@ def is_admin_or_superuser_check(request_user: str, request_action: str, request_
     if not isinstance(scope, ContentLibraryData):
         return False
 
-    # TODO: Make this key format a constant
-    is_allowed = cache.get(f"rbac_is_admin_or_superuser_{username}")
+    cache_key = RBAC_ADMIN_CACHE_KEY_FMT.format(username=username)
+    is_allowed = cache.get(cache_key)
 
     if is_allowed is not None:
         return is_allowed
@@ -50,6 +53,6 @@ def is_admin_or_superuser_check(request_user: str, request_action: str, request_
     is_allowed = user.is_staff or user.is_superuser
 
     # TODO: Make this cache timeout configurable
-    cache.set(f"rbac_is_admin_or_superuser_{username}", is_allowed, 2)
+    cache.set(cache_key, is_allowed, RBAC_ADMIN_CACHE_TIMEOUT_SECS)
 
     return is_allowed