There must be something else in your website that is constantly checking for the existence of that constant and re-adding it to the configuration file once it doesn’t finds it. This explains why you cannot revert the hardening using the Sucuri plugin, because it was never applied using the Sucuri’s code. You probably have another security plugin running in place.
If you have SSH access to your web server, you could scan the entire website using this command [1] and find the code responsible for the addition of this constant. If you have no idea what SSH is, then simply disable all the plugins that you currently have installed, and activate one by one, eventually you will find the culprit if you check the configuration file every time you activate a plugin, leave the Sucuri plugin as the last one just to make sure that it is not the culprit.
[1] grep -rn "DISALLOW_FILE_EDIT" -- $HOME
