From 94694deb9142e4b177b1048217567bd64cde262b Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 6 Feb 2026 22:42:50 +0000
Subject: [PATCH] fix: address code review feedback - add error handling and
 fix import style

Co-authored-by: ZimengXiong <83783148+ZimengXiong@users.noreply.github.com>
---
 backend/src/__tests__/user-sandboxing.test.ts |  2 +-
 backend/src/index.ts                          | 47 ++++++++++---------
 2 files changed, 27 insertions(+), 22 deletions(-)

diff --git a/backend/src/__tests__/user-sandboxing.test.ts b/backend/src/__tests__/user-sandboxing.test.ts
index 6e55bf7..790c111 100644
--- a/backend/src/__tests__/user-sandboxing.test.ts
+++ b/backend/src/__tests__/user-sandboxing.test.ts
@@ -8,6 +8,7 @@
  */
 
 import { describe, it, expect, beforeAll, afterAll, beforeEach } from "vitest";
+import bcrypt from "bcrypt";
 import {
   getTestPrisma,
   cleanupTestDb,
@@ -28,7 +29,6 @@ describe("User Data Sandboxing", () => {
     prisma = getTestPrisma();
 
     // Create two test users
-    const bcrypt = require("bcrypt");
     const hashA = await bcrypt.hash("passwordA", 10);
     const hashB = await bcrypt.hash("passwordB", 10);
 
diff --git a/backend/src/index.ts b/backend/src/index.ts
index b5c7e0c..c97eb58 100644
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@@ -797,30 +797,35 @@ io.on("connection", (socket) => {
       drawingId: string;
       user: Omit<User, "socketId" | "isActive">;
     }) => {
-      // Verify the authenticated user owns this drawing
-      if (authenticatedUserId) {
-        const drawing = await prisma.drawing.findFirst({
-          where: { id: drawingId, userId: authenticatedUserId },
-          select: { id: true },
-        });
+      try {
+        // Verify the authenticated user owns this drawing
+        if (authenticatedUserId) {
+          const drawing = await prisma.drawing.findFirst({
+            where: { id: drawingId, userId: authenticatedUserId },
+            select: { id: true },
+          });
 
-        if (!drawing) {
-          socket.emit("error", { message: "Drawing not found or access denied" });
-          return;
+          if (!drawing) {
+            socket.emit("error", { message: "Drawing not found or access denied" });
+            return;
+          }
         }
+
+        const roomId = `drawing_${drawingId}`;
+        socket.join(roomId);
+
+        const newUser: User = { ...user, socketId: socket.id, isActive: true };
+
+        const currentUsers = roomUsers.get(roomId) || [];
+        const filteredUsers = currentUsers.filter((u) => u.id !== user.id);
+        filteredUsers.push(newUser);
+        roomUsers.set(roomId, filteredUsers);
+
+        io.to(roomId).emit("presence-update", filteredUsers);
+      } catch (err) {
+        console.error("Error in join-room handler:", err);
+        socket.emit("error", { message: "Failed to join room" });
       }
-
-      const roomId = `drawing_${drawingId}`;
-      socket.join(roomId);
-
-      const newUser: User = { ...user, socketId: socket.id, isActive: true };
-
-      const currentUsers = roomUsers.get(roomId) || [];
-      const filteredUsers = currentUsers.filter((u) => u.id !== user.id);
-      filteredUsers.push(newUser);
-      roomUsers.set(roomId, filteredUsers);
-
-      io.to(roomId).emit("presence-update", filteredUsers);
     }
   );