fix: cleanup codebase and sync SPEC with actual permissions

Phase 1: Ruff lint fixes
- Remove unused imports across all files
- Remove unused variables (now_utc, tz, ctx)
- Fix f-string without placeholders
- Fix E402 import order with noqa comments

Phase 2: Remove confusing hard delete from storage
- Removed delete_bounty() from RoomStorage Protocol (never used by app)
- Removed delete_bounty() from JsonFileRoomStorage (was hard delete)
- Removed corresponding tests (hard delete was never used)

Phase 3: Sync SPEC.md with actual code behavior
- Updated overview: admins can add/edit/delete (not 'anyone' + 'creator')
- Updated command table: /add, /edit, /delete are admin only
- Updated error handling messages

Test results: 96 passed (2 hard delete tests removed)

adapters/storage/json_file.py

@@ -12,7 +12,6 @@ import tempfile
 from pathlib import Path
 
 from core.models import Bounty, RoomData, TrackingData, TrackedBounty
-from core.ports import RoomStorage, TrackingStorage
 
 
 class JsonFileRoomStorage:
@@ -119,15 +118,6 @@ class JsonFileRoomStorage:
 
         self.save(room_data)
 
-    def delete_bounty(self, room_id: int, bounty_id: int) -> None:
-        """Delete a bounty from a room."""
-        room_data = self.load(room_id)
-        if room_data is None:
-            return
-
-        room_data.bounties = [b for b in room_data.bounties if b.id != bounty_id]
-        self.save(room_data)
-
     def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
         """Get a specific bounty from a room by ID."""
         room_data = self.load(room_id)