From 89eaad88ece98fdf17957a0d91e3c2c9a963df36 Mon Sep 17 00:00:00 2001 From: hjjjj <1311711287@qq.com> Date: Fri, 27 Mar 2026 15:31:03 +0800 Subject: [PATCH] refactor(server): simplify user ID comparison for locks - Introduced a new utility function `sameUserId` to streamline user ID comparisons across multiple API endpoints. - Updated lock validation logic in the skill and agent management routes to utilize the new function, enhancing code readability and maintainability. --- server.js | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/server.js b/server.js index 0653f5a..eb9596d 100644 --- a/server.js +++ b/server.js @@ -131,6 +131,12 @@ function getActiveLock(doc) { return { userId: doc.lock.userId, by: doc.lock.nickname || doc.lock.by || doc.lock.userId, at: doc.lock.at } } +function sameUserId(a, b) { + const lhs = String(a ?? '').trim() + const rhs = String(b ?? '').trim() + return lhs.length > 0 && rhs.length > 0 && lhs === rhs +} + function extractDescription(files) { const skillFile = files.find(f => f.path === 'SKILL.md' || f.path.endsWith('SKILL.md')) if (!skillFile) return '' @@ -423,7 +429,7 @@ app.post('/api/skills/:name/lock', async (req, res) => { return res.status(404).json({ success: false, error: 'Skill not found' }) } const activeLock = getActiveLock(skill) - if (activeLock && activeLock.userId !== req.user.id) { + if (activeLock && !sameUserId(activeLock.userId, req.user.id)) { return res.status(423).json({ success: false, error: `${activeLock.by} 正在编辑`, locked_by: activeLock.by }) } await skillsCollection.updateOne( @@ -449,7 +455,7 @@ app.delete('/api/skills/:name/lock', async (req, res) => { } const activeLock = getActiveLock(skill) const isAdmin = req.user.role === 'admin' - if (activeLock && activeLock.userId !== req.user.id && !isAdmin) { + if (activeLock && !sameUserId(activeLock.userId, req.user.id) && !isAdmin) { return res.status(403).json({ success: false, error: '只能由加锁用户或管理员解锁' }) } await skillsCollection.updateOne( @@ -544,7 +550,7 @@ app.post('/api/skills/:name/publish', async (req, res) => { if (existingSkill) { const activeLock = getActiveLock(existingSkill) - if (activeLock && activeLock.userId !== userId) { + if (activeLock && !sameUserId(activeLock.userId, userId)) { return res.status(423).json({ success: false, error: `${activeLock.by} 正在编辑,暂时不能发布`, @@ -846,7 +852,7 @@ app.post('/api/agents/:name/publish', async (req, res) => { if (existing) { const activeLock = getActiveLock(existing) - if (activeLock && activeLock.userId !== userId) { + if (activeLock && !sameUserId(activeLock.userId, userId)) { return res.status(423).json({ success: false, error: `${activeLock.by} 正在编辑,暂时不能发布`, @@ -916,7 +922,7 @@ app.post('/api/agents/:name/lock', async (req, res, next) => { const agent = await agentsCollection.findOne({ name: req.params.name }) if (!agent) return res.status(404).json({ success: false, error: 'Agent not found' }) const activeLock = getActiveLock(agent) - if (activeLock && activeLock.userId !== req.user.id) { + if (activeLock && !sameUserId(activeLock.userId, req.user.id)) { return res.status(423).json({ success: false, error: `${activeLock.by} 正在编辑`, locked_by: activeLock.by }) } await agentsCollection.updateOne({ _id: agent._id }, { $set: { lock: { userId: req.user.id, nickname: req.user.nickname || req.user.email, at: new Date().toISOString() } } }) @@ -937,7 +943,7 @@ app.delete('/api/agents/:name/lock', async (req, res, next) => { if (!agent) return res.status(404).json({ success: false, error: 'Agent not found' }) const activeLock = getActiveLock(agent) const isAdmin = req.user.role === 'admin' - if (activeLock && activeLock.userId !== req.user.id && !isAdmin) { + if (activeLock && !sameUserId(activeLock.userId, req.user.id) && !isAdmin) { return res.status(403).json({ success: false, error: '只能由加锁用户或管理员解锁' }) } await agentsCollection.updateOne({ _id: agent._id }, { $unset: { lock: '' } })