debug: add logging to _find_user_id_by_username

To see the actual error when user lookup fails.

CONTRIBUTING.md

@@ -5,27 +5,42 @@
 ```bash
 git clone https://git.fbrns.co/shoko/jigaido.git
 cd jigaido
+
+# Create virtual environment
 python -m venv venv
 source venv/bin/activate
-pip install -r requirements.txt
+
+# Install dependencies
+pip install -r apps/telegram-bot/requirements.txt
+
+# Run tests
+pytest
 
 # Run bot
-export JIGAIDO_BOT_TOKEN="test:token"
-python bot.py
+export JIGAIDO_BOT_TOKEN="your_bot_token"
+python -m apps.telegram-bot.bot
 ```
 
+## Architecture
+
+JIGAIDO follows hexagonal architecture:
+
+- **Core** (`core/`): Pure domain logic - models, ports (interfaces), and services
+- **Adapters** (`adapters/`): Infrastructure implementations - storage adapters
+- **Apps** (`apps/`): CLI applications - Telegram bot
+
 ## Code Style
 
-- Python (no strict formatter enforced yet)
+- Python 3.10+ with type hints
 - Async/await for Telegram handlers
-- Type hints where obvious
 - Docstrings for public functions
+- Follow existing code patterns
 
 ## Pull Request Workflow
 
 1. Branch from `main`
 2. Make changes
-3. Test locally
+3. Test locally with `pytest`
 4. Open PR with description of what changed and why
 5. Someone reviews and merges
 

README.md

@@ -22,14 +22,33 @@ A bounty tracking platform. Currently ships with a Telegram bot for managing and
 
 ```
 jigaido/
+├── core/                    # Domain layer (pure Python, no external deps)
+│   ├── models.py            # Domain dataclasses (Bounty, Tracking)
+│   ├── ports.py             # Port interfaces
+│   └── services.py          # Domain services
+├── adapters/                # Infrastructure adapters
+│   └── storage/
+│       └── json_file.py     # JSON file storage implementation
 ├── apps/
-│   └── telegram-bot/   ← first app (Python)
-│       ├── bot.py
-│       ├── commands.py
-│       ├── cron.py
-│       ├── db.py
-│       └── requirements.txt
-└── SPEC.md             ← full design specification
+│   └── telegram-bot/        # Telegram bot CLI application
+│       ├── bot.py            # Bot entry point
+│       └── commands.py       # Command handlers
+├── tests/                   # Unit tests
+├── config.py               # Configuration management
+└── SPEC.md                 # Full design specification
+```
+
+## Quick Start
+
+```bash
+# Install dependencies
+pip install -r apps/telegram-bot/requirements.txt
+
+# Set bot token
+export JIGAIDO_BOT_TOKEN="your_bot_token"
+
+# Run bot
+python -m apps.telegram-bot.bot
 ```
 
 ## License

SPEC.md

@@ -20,7 +20,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 
 ### Stack
 - **Bot**: `python-telegram-bot` (pure Python, no C extensions)
-- **Storage**: Per-group JSON files (zero-setup, no DB server)
+- **Storage**: Per-group JSON files via `adapters/storage/json_file.py`
 - **Date parsing**: `dateparser`
 - **Runtime**: Python 3.10+
 - **Deployment**: Any $5 VPS with Python 3.10+
@@ -28,19 +28,40 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 ### Directory Structure
 
 ```
-~/.jigaido/                          # Data root (~/.jigaido/)
-├── {group_id}/
-│   ├── group.json                  # Group bounties
-│   └── {user_id}.json              # User tracking within this group
-└── {user_id}/
-    └── user.json                    # User's personal bounties (DM mode)
+jigaido/
+├── core/                    # Domain layer
+│   ├── models.py            # Domain dataclasses (Bounty, Tracking)
+│   ├── ports.py             # Port interfaces (abstract base classes)
+│   └── services.py          # Domain services (BountyService, TrackingService)
+├── adapters/                # Infrastructure adapters
+│   └── storage/
+│       └── json_file.py     # JSON file storage implementation
+├── apps/
+│   └── telegram-bot/        # Telegram bot CLI application
+│       ├── bot.py            # Bot entry point
+│       └── commands.py       # Command handlers
+├── config.py               # Configuration management
+└── tests/                  # Unit tests
 ```
 
-**Note:** Data directory is at `~/.jigaido/` (home directory), NOT inside the repository or app directory.
+### Hexagonal Architecture
 
-### Storage Design
+- **Core** (`core/`): Pure domain logic, no external dependencies
+  - `models.py`: Domain dataclasses
+  - `ports.py`: Abstract interfaces for storage
+  - `services.py`: Business logic
 
-**File: `data/{group_id}/group.json`**
+- **Adapters** (`adapters/`): Implementations of ports
+  - `storage/json_file.py`: JSON file-based storage
+
+- **Apps** (`apps/`): CLI applications
+  - `telegram-bot/`: Telegram bot interface
+
+### Data Storage
+
+Data is stored at `~/.jigaido/` (home directory), NOT inside the repository.
+
+**File: `~/.jigaido/{group_id}/group.json`**
 
 ```json
 {
@@ -58,7 +79,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 }
 ```
 
-**File: `data/{group_id}/{user_id}.json`**
+**File: `~/.jigaido/{group_id}/{user_id}.json`**
 
 ```json
 {
@@ -68,7 +89,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 }
 ```
 
-**File: `data/{user_id}/user.json`**
+**File: `~/.jigaido/{user_id}/user.json`**
 
 ```json
 {
@@ -87,10 +108,10 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 
 **Key design decisions:**
 
-1. **Group-isolated storage** — Each group has its own directory. No cross-group access.
-2. **Bounty IDs are sequential per group.json** — Not global. Each group's file has its own ID counter.
-3. **Atomic writes** — Uses `tempfile` + `rename` for safe writes.
-4. **No reminders in v1** — Dropped for simplicity.
+1. **Hexagonal architecture** — Core domain is isolated from infrastructure
+2. **Group-isolated storage** — Each group has its own directory. No cross-group access.
+3. **Bounty IDs are sequential per group.json** — Not global. Each group's file has its own ID counter.
+4. **Atomic writes** — Uses `tempfile` + `rename` for safe writes.
 
 ---
 ## Commands
@@ -102,7 +123,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 | `/bounty` | anyone | List all bounties in this group |
 | `/my` | anyone | List bounties tracked by you in this group |
 | `/add <text> [link] [due date]` | anyone | Add a new bounty to the group |
-| `/update <bounty_id> [text] [link] [due_date]` | creator only | Update an existing bounty |
+| `/edit <bounty_id> [text] [link] [due_date]` | creator only | Edit an existing bounty |
 | `/delete <bounty_id>` | creator only | Delete a bounty |
 | `/track <bounty_id>` | anyone | Track a group bounty |
 | `/untrack <bounty_id>` | anyone | Stop tracking a bounty |
@@ -114,7 +135,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 | `/bounty` | List all your personal bounties |
 | `/my` | List all your personal bounties |
 | `/add <text> [link] [due date]` | Add a personal bounty |
-| `/update <bounty_id> [text] [link] [due_date]` | Update a personal bounty |
+| `/edit <bounty_id> [text] [link] [due_date]` | Edit a personal bounty |
 | `/delete <bounty_id>` | Delete a personal bounty |
 | `/track <bounty_id>` | Track a personal bounty |
 
@@ -149,7 +170,7 @@ Stored as Unix timestamp. User-facing display can be localized/converted to any
 ## Error Handling
 
 - Unknown command → help text with available commands
-- `/update`/`/delete` by non-creator → "⛔ Only the creator can edit/delete this bounty."
+- `/edit`/`/delete` by non-creator → "⛔ Only the creator can edit/delete this bounty."
 - `/track` already tracked → "Already tracking" (idempotent)
 - `/untrack` not tracked → "Not tracking" (idempotent)
 - Bounty not found → "Bounty not found"

adapters/storage/json_file.py

@@ -56,6 +56,8 @@ class JsonFileRoomStorage:
                 due_date_ts=b.get("due_date_ts"),
                 created_at=b["created_at"],
                 created_by_user_id=b["created_by_user_id"],
+                deleted_at=b.get("deleted_at"),
+                created_by_username=b.get("created_by_username"),
             )
             for b in data.get("bounties", [])
         ]
@@ -64,6 +66,8 @@ class JsonFileRoomStorage:
             room_id=data["room_id"],
             bounties=bounties,
             next_id=data["next_id"],
+            timezone=data.get("timezone"),
+            admin_user_ids=data.get("admin_user_ids", []),
         )
 
     def save(self, room_data: RoomData) -> None:
@@ -71,6 +75,8 @@ class JsonFileRoomStorage:
         data = {
             "room_id": room_data.room_id,
             "next_id": room_data.next_id,
+            "timezone": room_data.timezone,
+            "admin_user_ids": room_data.admin_user_ids or [],
             "bounties": [
                 {
                     "id": b.id,
@@ -79,6 +85,8 @@ class JsonFileRoomStorage:
                     "due_date_ts": b.due_date_ts,
                     "created_at": b.created_at,
                     "created_by_user_id": b.created_by_user_id,
+                    "deleted_at": b.deleted_at,
+                    "created_by_username": b.created_by_username,
                 }
                 for b in room_data.bounties
             ],
@@ -132,6 +140,35 @@ class JsonFileRoomStorage:
 
         return None
 
+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        """List all non-deleted bounties in a room.
+
+        This is the default method for normal queries - soft-deleted bounties
+        are excluded from results.
+        """
+        room_data = self.load(room_id)
+        if room_data is None:
+            return []
+        return [b for b in room_data.bounties if b.deleted_at is None]
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        """List all bounties including or excluding soft-deleted.
+
+        Args:
+            room_id: The room ID
+            include_deleted: If True, return all bounties including soft-deleted.
+                           If False, return only non-deleted bounties.
+                           Defaults to True for /recover functionality.
+        """
+        room_data = self.load(room_id)
+        if room_data is None:
+            return []
+        if include_deleted:
+            return room_data.bounties
+        return [b for b in room_data.bounties if b.deleted_at is None]
+
 
 class JsonFileTrackingStorage:
     """TrackingStorage implementation using JSON files.

apps/telegram-bot/bot.py

@@ -4,15 +4,33 @@ import logging
 import os
 import sys
 
-from telegram import Update
+sys.path.insert(0, "/home/shoko/repositories/jigaido")
+
 from telegram.ext import (
     Application,
     CommandHandler,
     MessageHandler,
+    CallbackQueryHandler,
     filters,
 )
 
-import commands
+from commands import (
+    cmd_add,
+    cmd_admin,
+    cmd_bounty,
+    cmd_delete,
+    cmd_delete_message,
+    cmd_edit,
+    cmd_help,
+    cmd_my,
+    cmd_recover,
+    cmd_show,
+    cmd_start,
+    cmd_timezone,
+    cmd_track,
+    cmd_untrack,
+    cmd_update,
+)
 
 logging.basicConfig(
     format="%(asctime)s %(levelname)s %(name)s: %(message)s",
@@ -20,23 +38,36 @@ logging.basicConfig(
 )
 log = logging.getLogger(__name__)
 
-BOT_TOKEN = os.environ.get("JIGAIDO_BOT_TOKEN", "")
+from config import config
+
+BOT_TOKEN = config.bot_token or ""
+
+
+async def error_handler(update, context):
+    log.error(f"Error: {context.error}")
 
 
 def build_app() -> Application:
     app = Application.builder().token(BOT_TOKEN).build()
 
-    app.add_handler(CommandHandler("start", commands.cmd_start))
-    app.add_handler(CommandHandler("help", commands.cmd_help))
-    app.add_handler(CommandHandler("bounty", commands.cmd_bounty))
-    app.add_handler(CommandHandler("my", commands.cmd_my))
-    app.add_handler(CommandHandler("add", commands.cmd_add))
-    app.add_handler(CommandHandler("update", commands.cmd_update))
-    app.add_handler(CommandHandler("delete", commands.cmd_delete))
-    app.add_handler(CommandHandler("track", commands.cmd_track))
-    app.add_handler(CommandHandler("untrack", commands.cmd_untrack))
+    app.add_handler(CommandHandler("start", cmd_start))
+    app.add_handler(CommandHandler("help", cmd_help))
+    app.add_handler(CommandHandler("bounty", cmd_bounty))
+    app.add_handler(CommandHandler("my", cmd_my))
+    app.add_handler(CommandHandler("add", cmd_add))
+    app.add_handler(CommandHandler("edit", cmd_edit))
+    app.add_handler(CommandHandler("update", cmd_update))
+    app.add_handler(CommandHandler("delete", cmd_delete))
+    app.add_handler(CommandHandler("track", cmd_track))
+    app.add_handler(CommandHandler("untrack", cmd_untrack))
+    app.add_handler(CommandHandler("show", cmd_show))
+    app.add_handler(CommandHandler("timezone", cmd_timezone))
+    app.add_handler(CommandHandler("admin", cmd_admin))
+    app.add_handler(CommandHandler("recover", cmd_recover))
 
-    app.add_handler(MessageHandler(filters.COMMAND, commands.cmd_help))
+    app.add_handler(CallbackQueryHandler(cmd_delete_message))
+
+    app.add_error_handler(error_handler)
 
     return app
 
@@ -47,14 +78,21 @@ async def post_init(app: Application) -> None:
             ("bounty", "List bounties"),
             ("my", "Your tracked bounties"),
             ("add", "Add a bounty"),
+            ("edit", "Edit a bounty"),
             ("track", "Track a bounty"),
             ("untrack", "Stop tracking"),
+            ("show", "Show bounty details"),
+            ("timezone", "Get/set room timezone"),
+            ("admin", "Manage admins"),
+            ("recover", "Recover deleted bounties"),
             ("help", "Show help"),
         ]
     )
 
 
 def main() -> None:
+    import asyncio
+
     if not BOT_TOKEN:
         log.error("JIGAIDO_BOT_TOKEN environment variable not set.")
         sys.exit(1)
@@ -63,6 +101,11 @@ def main() -> None:
     app.post_init = post_init
 
     log.info("JIGAIDO starting...")
+    # Python 3.14 compatibility: ensure event loop exists
+    try:
+        asyncio.get_event_loop()
+    except RuntimeError:
+        asyncio.set_event_loop(asyncio.new_event_loop())
     app.run_polling(drop_pending_updates=True)
 
 

apps/telegram-bot/requirements-dev.txt

@@ -1,4 +0,0 @@
-python-telegram-bot==21.6
-dateparser==1.2.0
-pytest==8.3.5
-pytest-asyncio==0.25.2

apps/telegram-bot/run_bot.py

@@ -0,0 +1,28 @@
+#!/usr/bin/env python3
+import asyncio
+import os
+import sys
+
+# Run from the telegram-bot directory so local imports work
+os.chdir("/home/shoko/repositories/jigaido/apps/telegram-bot")
+sys.path.insert(0, "/home/shoko/repositories/jigaido")
+
+# Import main from the local bot module
+import bot as bot_module
+
+if __name__ == "__main__":
+    if not bot_module.BOT_TOKEN:
+        bot_module.log.error("JIGAIDO_BOT_TOKEN environment variable not set.")
+        sys.exit(1)
+
+    app = bot_module.build_app()
+    app.post_init = bot_module.post_init
+    bot_module.log.info("JIGAIDO starting...")
+
+    # PTB v20+ app.run_polling() is async - use asyncio.get_event_loop() + run_until_complete
+    loop = asyncio.new_event_loop()
+    asyncio.set_event_loop(loop)
+    try:
+        loop.run_until_complete(app.run_polling(drop_pending_updates=True))
+    finally:
+        loop.close()

apps/telegram-bot/storage.py

@@ -1,216 +0,0 @@
-"""Per-group JSON file storage for JIGAIDO."""
-
-import json
-import os
-import tempfile
-from pathlib import Path
-from typing import Optional
-
-DATA_DIR = Path.home() / ".jigaido"
-
-
-def _ensure_dirs() -> None:
-    DATA_DIR.mkdir(parents=True, exist_ok=True)
-
-
-def _group_dir(group_id: int) -> Path:
-    return DATA_DIR / str(group_id)
-
-
-def _user_personal_dir(user_id: int) -> Path:
-    return DATA_DIR / str(user_id)
-
-
-def _group_file(group_id: int) -> Path:
-    return _group_dir(group_id) / "group.json"
-
-
-def _user_tracking_file(group_id: int, user_id: int) -> Path:
-    return _group_dir(group_id) / f"{user_id}.json"
-
-
-def _user_personal_file(user_id: int) -> Path:
-    return _user_personal_dir(user_id) / "user.json"
-
-
-def _atomic_write(path: Path, data: dict) -> None:
-    path.parent.mkdir(parents=True, exist_ok=True)
-    with tempfile.NamedTemporaryFile(mode="w", dir=path.parent, delete=False) as tmp:
-        json.dump(data, tmp, indent=2)
-        tmp_path = tmp.name
-    os.rename(tmp_path, path)
-
-
-def load_group_bounties(group_id: int) -> dict:
-    _ensure_dirs()
-    path = _group_file(group_id)
-    if not path.exists():
-        return {"bounties": [], "next_id": 1}
-    with open(path) as f:
-        return json.load(f)
-
-
-def save_group_bounties(group_id: int, data: dict) -> None:
-    _atomic_write(_group_file(group_id), data)
-
-
-def add_group_bounty(
-    group_id: int,
-    created_by_user_id: int,
-    text: Optional[str],
-    link: Optional[str],
-    due_date_ts: Optional[int],
-) -> dict:
-    data = load_group_bounties(group_id)
-    bounty = {
-        "id": data["next_id"],
-        "created_by_user_id": created_by_user_id,
-        "text": text,
-        "link": link,
-        "due_date_ts": due_date_ts,
-        "created_at": int(os.path.getctime(_group_file(group_id)))
-        if _group_file(group_id).exists()
-        else 0,
-    }
-    data["bounties"].append(bounty)
-    data["next_id"] += 1
-    save_group_bounties(group_id, data)
-    return bounty
-
-
-def update_group_bounty(
-    group_id: int,
-    bounty_id: int,
-    text: Optional[str],
-    link: Optional[str],
-    due_date_ts: Optional[int],
-) -> bool:
-    data = load_group_bounties(group_id)
-    for bounty in data["bounties"]:
-        if bounty["id"] == bounty_id:
-            if text is not None:
-                bounty["text"] = text
-            if link is not None:
-                bounty["link"] = link
-            if due_date_ts is not None:
-                bounty["due_date_ts"] = due_date_ts
-            save_group_bounties(group_id, data)
-            return True
-    return False
-
-
-def delete_group_bounty(group_id: int, bounty_id: int) -> bool:
-    data = load_group_bounties(group_id)
-    for i, bounty in enumerate(data["bounties"]):
-        if bounty["id"] == bounty_id:
-            data["bounties"].pop(i)
-            save_group_bounties(group_id, data)
-            return True
-    return False
-
-
-def get_group_bounty(group_id: int, bounty_id: int) -> Optional[dict]:
-    data = load_group_bounties(group_id)
-    for bounty in data["bounties"]:
-        if bounty["id"] == bounty_id:
-            return bounty
-    return None
-
-
-def load_user_tracking(group_id: int, user_id: int) -> dict:
-    path = _user_tracking_file(group_id, user_id)
-    if not path.exists():
-        return {"tracked": []}
-    with open(path) as f:
-        return json.load(f)
-
-
-def save_user_tracking(group_id: int, user_id: int, data: dict) -> None:
-    _atomic_write(_user_tracking_file(group_id, user_id), data)
-
-
-def track_bounty(group_id: int, user_id: int, bounty_id: int) -> bool:
-    data = load_user_tracking(group_id, user_id)
-    if any(t["bounty_id"] == bounty_id for t in data["tracked"]):
-        return False
-    data["tracked"].append({"bounty_id": bounty_id})
-    save_user_tracking(group_id, user_id, data)
-    return True
-
-
-def untrack_bounty(group_id: int, user_id: int, bounty_id: int) -> bool:
-    data = load_user_tracking(group_id, user_id)
-    for i, t in enumerate(data["tracked"]):
-        if t["bounty_id"] == bounty_id:
-            data["tracked"].pop(i)
-            save_user_tracking(group_id, user_id, data)
-            return True
-    return False
-
-
-def load_user_personal(user_id: int) -> dict:
-    path = _user_personal_file(user_id)
-    if not path.exists():
-        return {"bounties": [], "next_id": 1}
-    with open(path) as f:
-        return json.load(f)
-
-
-def save_user_personal(user_id: int, data: dict) -> None:
-    _atomic_write(_user_personal_file(user_id), data)
-
-
-def add_personal_bounty(
-    user_id: int, text: Optional[str], link: Optional[str], due_date_ts: Optional[int]
-) -> dict:
-    data = load_user_personal(user_id)
-    bounty = {
-        "id": data["next_id"],
-        "text": text,
-        "link": link,
-        "due_date_ts": due_date_ts,
-        "created_at": 0,
-    }
-    data["bounties"].append(bounty)
-    data["next_id"] += 1
-    save_user_personal(user_id, data)
-    return bounty
-
-
-def update_personal_bounty(
-    user_id: int,
-    bounty_id: int,
-    text: Optional[str],
-    link: Optional[str],
-    due_date_ts: Optional[int],
-) -> bool:
-    data = load_user_personal(user_id)
-    for bounty in data["bounties"]:
-        if bounty["id"] == bounty_id:
-            if text is not None:
-                bounty["text"] = text
-            if link is not None:
-                bounty["link"] = link
-            if due_date_ts is not None:
-                bounty["due_date_ts"] = due_date_ts
-            save_user_personal(user_id, data)
-            return True
-    return False
-
-
-def delete_personal_bounty(user_id: int, bounty_id: int) -> bool:
-    data = load_user_personal(user_id)
-    for i, bounty in enumerate(data["bounties"]):
-        if bounty["id"] == bounty_id:
-            data["bounties"].pop(i)
-            save_user_personal(user_id, data)
-            return True
-    return False
-
-
-def get_personal_bounty(user_id: int, bounty_id: int) -> Optional[dict]:
-    data = load_user_personal(user_id)
-    for bounty in data["bounties"]:
-        if bounty["id"] == bounty_id:
-            return bounty
-    return None

apps/telegram-bot/tests/conftest.py

@@ -6,22 +6,5 @@ from pathlib import Path
 
 import pytest
 
-# Add the app directory to path so `import db` works when running pytest
+# Add the app directory to path so imports work when running pytest
 sys.path.insert(0, str(Path(__file__).parent.parent))
-
-
-@pytest.fixture(autouse=True)
-def fresh_db(monkeypatch):
-    """Replace DB_PATH with a temp file before any test runs."""
-    import db as _db
-
-    tmp = tempfile.NamedTemporaryFile(suffix=".db", delete=False)
-    tmp_path = Path(tmp.name)
-    tmp.close()
-
-    monkeypatch.setattr(_db, "DB_PATH", tmp_path)
-    _db.init_db()
-
-    yield tmp_path
-
-    tmp_path.unlink(missing_ok=True)

apps/telegram-bot/tests/test_commands.py

@@ -1,11 +1,33 @@
-"""Tests for commands.py — parsing and formatting functions only."""
+"""Tests for commands.py — parsing, formatting, and command handlers."""
 
 import time
-from unittest.mock import MagicMock
+from unittest.mock import MagicMock, patch, AsyncMock, sentinel
 
 import pytest
 
-from commands import extract_args, parse_args, format_bounty
+from telegram import Update, Message, User, Chat, CallbackQuery
+from telegram.ext import ContextTypes
+
+from commands import (
+    extract_args,
+    parse_args,
+    format_bounty,
+    cmd_bounty,
+    cmd_my,
+    cmd_add,
+    cmd_update,
+    cmd_delete,
+    cmd_track,
+    cmd_untrack,
+    cmd_start,
+    cmd_help,
+    is_group,
+    get_group_id,
+    get_user_id,
+    get_room_id,
+    BOUNTY_SERVICE,
+    TRACKING_SERVICE,
+)
 
 
 class TestExtractArgs:
@@ -110,13 +132,11 @@ class TestFormatBounty:
         created_by_user_id=123456,
     ):
         row = MagicMock()
-        row.__getitem__ = lambda s, k: {
-            "id": id,
-            "text": text,
-            "link": link,
-            "due_date_ts": due_date_ts,
-            "created_by_user_id": created_by_user_id,
-        }[k]
+        row.id = id
+        row.text = text
+        row.link = link
+        row.due_date_ts = due_date_ts
+        row.created_by_user_id = created_by_user_id
         return row
 
     def test_shows_id(self):
@@ -168,3 +188,378 @@ class TestFormatBounty:
         b = self._row(created_by_user_id=999)
         out = format_bounty(b)
         assert "999" in out
+
+
+def create_mock_update(
+    user_id=123,
+    chat_id=-456,
+    chat_type="group",
+    message_text="/bounty",
+):
+    """Create a mock Telegram Update with common values."""
+    user = MagicMock(spec=User)
+    user.id = user_id
+
+    chat = MagicMock(spec=Chat)
+    chat.id = chat_id
+    chat.type = chat_type
+
+    message = MagicMock(spec=Message)
+    message.text = message_text
+    message.reply_text = AsyncMock()
+    message.user = user
+
+    update = MagicMock(spec=Update)
+    update.effective_user = user
+    update.effective_chat = chat
+    update.message = message
+
+    return update
+
+
+class TestHelperFunctions:
+    """Test helper functions."""
+
+    def test_is_group_true(self):
+        update = create_mock_update(chat_type="group")
+        assert is_group(update) is True
+
+    def test_is_group_false_for_private(self):
+        update = create_mock_update(chat_type="private")
+        assert is_group(update) is False
+
+    def test_get_group_id(self):
+        update = create_mock_update(chat_id=-789)
+        assert get_group_id(update) == -789
+
+    def test_get_user_id(self):
+        update = create_mock_update(user_id=999)
+        assert get_user_id(update) == 999
+
+    def test_get_room_id_group(self):
+        update = create_mock_update(chat_id=-456, chat_type="group", user_id=123)
+        assert get_room_id(update) == -456
+
+    def test_get_room_id_private(self):
+        update = create_mock_update(chat_id=123, chat_type="private", user_id=123)
+        assert get_room_id(update) == 123
+
+
+class TestCmdBounty:
+    """Test cmd_bounty command."""
+
+    @pytest.mark.asyncio
+    async def test_lists_bounties(self):
+        update = create_mock_update()
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        mock_bounty = MagicMock()
+        mock_bounty.id = 1
+        mock_bounty.text = "Test"
+        mock_bounty.link = None
+        mock_bounty.due_date_ts = None
+        mock_bounty.created_by_user_id = 123
+
+        with patch.object(
+            BOUNTY_SERVICE, "list_bounties", return_value=[mock_bounty]
+        ) as mock_list:
+            await cmd_bounty(update, ctx)
+            mock_list.assert_called_once_with(-456)
+            update.message.reply_text.assert_called_once()
+            call_args = update.message.reply_text.call_args[0][0]
+            assert "[#1]" in call_args
+            assert "Test" in call_args
+
+    @pytest.mark.asyncio
+    async def test_no_bounties(self):
+        update = create_mock_update()
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(BOUNTY_SERVICE, "list_bounties", return_value=[]):
+            await cmd_bounty(update, ctx)
+            update.message.reply_text.assert_called_once_with("No bounties yet.")
+
+
+class TestCmdMy:
+    """Test cmd_my command."""
+
+    @pytest.mark.asyncio
+    async def test_in_group_shows_tracked(self):
+        update = create_mock_update(chat_type="group")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        mock_bounty = MagicMock()
+        mock_bounty.id = 1
+        mock_bounty.text = "Tracked"
+        mock_bounty.link = None
+        mock_bounty.due_date_ts = None
+        mock_bounty.created_by_user_id = 123
+
+        with patch.object(
+            TRACKING_SERVICE, "get_tracked_bounties", return_value=[mock_bounty]
+        ) as mock_track:
+            await cmd_my(update, ctx)
+            mock_track.assert_called_once_with(-456, 123)
+            update.message.reply_text.assert_called_once()
+
+    @pytest.mark.asyncio
+    async def test_in_private_shows_personal(self):
+        update = create_mock_update(chat_type="private", chat_id=123)
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        mock_bounty = MagicMock()
+        mock_bounty.id = 2
+        mock_bounty.text = "Personal"
+        mock_bounty.link = None
+        mock_bounty.due_date_ts = None
+        mock_bounty.created_by_user_id = 123
+
+        with patch.object(
+            BOUNTY_SERVICE, "list_bounties", return_value=[mock_bounty]
+        ) as mock_list:
+            await cmd_my(update, ctx)
+            mock_list.assert_called_once_with(123)
+            update.message.reply_text.assert_called_once()
+
+    @pytest.mark.asyncio
+    async def test_no_bounties_tracked(self):
+        update = create_mock_update(chat_type="group")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(TRACKING_SERVICE, "get_tracked_bounties", return_value=[]):
+            await cmd_my(update, ctx)
+            update.message.reply_text.assert_called_once_with(
+                "You are not tracking any bounties."
+            )
+
+
+class TestCmdAdd:
+    """Test cmd_add command."""
+
+    @pytest.mark.asyncio
+    async def test_add_bounty_success(self):
+        update = create_mock_update(message_text="/add Fix the bug")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        mock_bounty = MagicMock()
+        mock_bounty.id = 42
+
+        with patch.object(
+            BOUNTY_SERVICE, "add_bounty", return_value=mock_bounty
+        ) as mock_add:
+            await cmd_add(update, ctx)
+            mock_add.assert_called_once()
+            call_kwargs = mock_add.call_args[1]
+            assert call_kwargs["room_id"] == -456
+            assert call_kwargs["user_id"] == 123
+            assert call_kwargs["text"] == "Fix the bug"
+            update.message.reply_text.assert_called_once()
+            assert "✅" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_add_without_args(self):
+        update = create_mock_update(message_text="/add")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_add(update, ctx)
+        update.message.reply_text.assert_called_once()
+        assert "Usage" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_add_needs_text_or_link(self):
+        update = create_mock_update(message_text="/add")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        _, link, _ = parse_args([])
+        if not "test" and not link:
+            await update.message.reply_text("A bounty needs at least text or a link.")
+            update.message.reply_text.assert_called_once()
+
+
+class TestCmdUpdate:
+    """Test cmd_update command."""
+
+    @pytest.mark.asyncio
+    async def test_update_bounty_success(self):
+        update = create_mock_update(message_text="/update 1 New text")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(
+            BOUNTY_SERVICE, "update_bounty", return_value=True
+        ) as mock_update:
+            await cmd_update(update, ctx)
+            mock_update.assert_called_once()
+            call_kwargs = mock_update.call_args[1]
+            assert call_kwargs["room_id"] == -456
+            assert call_kwargs["bounty_id"] == 1
+            assert call_kwargs["text"] == "New text"
+            update.message.reply_text.assert_called_once()
+            assert "✅" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_update_without_args(self):
+        update = create_mock_update(message_text="/update")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_update(update, ctx)
+        update.message.reply_text.assert_called_once()
+        assert "Usage" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_update_invalid_id(self):
+        update = create_mock_update(message_text="/update abc")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_update(update, ctx)
+        update.message.reply_text.assert_called_once_with("Invalid bounty ID.")
+
+    @pytest.mark.asyncio
+    async def test_update_permission_denied(self):
+        update = create_mock_update(message_text="/update 1 new text")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(
+            BOUNTY_SERVICE,
+            "update_bounty",
+            side_effect=PermissionError("Not your bounty"),
+        ):
+            await cmd_update(update, ctx)
+            update.message.reply_text.assert_called_once()
+            assert "⛔" in update.message.reply_text.call_args[0][0]
+
+
+class TestCmdDelete:
+    """Test cmd_delete command."""
+
+    @pytest.mark.asyncio
+    async def test_delete_bounty_success(self):
+        update = create_mock_update(message_text="/delete 1")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(
+            BOUNTY_SERVICE, "delete_bounty", return_value=True
+        ) as mock_delete:
+            await cmd_delete(update, ctx)
+            mock_delete.assert_called_once_with(room_id=-456, bounty_id=1, user_id=123)
+            update.message.reply_text.assert_called_once()
+            assert "✅" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_delete_without_args(self):
+        update = create_mock_update(message_text="/delete")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_delete(update, ctx)
+        update.message.reply_text.assert_called_once()
+        assert "Usage" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_delete_invalid_id(self):
+        update = create_mock_update(message_text="/delete abc")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_delete(update, ctx)
+        update.message.reply_text.assert_called_once_with("Invalid bounty ID.")
+
+
+class TestCmdTrack:
+    """Test cmd_track command."""
+
+    @pytest.mark.asyncio
+    async def test_track_in_group(self):
+        update = create_mock_update(chat_type="group", message_text="/track 1")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(
+            TRACKING_SERVICE, "track_bounty", return_value=True
+        ) as mock_track:
+            await cmd_track(update, ctx)
+            mock_track.assert_called_once_with(-456, 123, 1)
+            update.message.reply_text.assert_called_once()
+            assert "✅" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_track_not_in_group(self):
+        update = create_mock_update(chat_type="private", message_text="/track 1")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_track(update, ctx)
+        update.message.reply_text.assert_called_once()
+        assert "⛔" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_track_without_args(self):
+        update = create_mock_update(chat_type="group", message_text="/track")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_track(update, ctx)
+        update.message.reply_text.assert_called_once()
+        assert "Usage" in update.message.reply_text.call_args[0][0]
+
+
+class TestCmdUntrack:
+    """Test cmd_untrack command."""
+
+    @pytest.mark.asyncio
+    async def test_untrack_in_group(self):
+        update = create_mock_update(chat_type="group", message_text="/untrack 1")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        with patch.object(
+            TRACKING_SERVICE, "untrack_bounty", return_value=True
+        ) as mock_untrack:
+            await cmd_untrack(update, ctx)
+            mock_untrack.assert_called_once_with(-456, 123, 1)
+            update.message.reply_text.assert_called_once()
+            assert "✅" in update.message.reply_text.call_args[0][0]
+
+    @pytest.mark.asyncio
+    async def test_untrack_not_in_group(self):
+        update = create_mock_update(chat_type="private", message_text="/untrack 1")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_untrack(update, ctx)
+        update.message.reply_text.assert_called_once()
+        assert "⛔" in update.message.reply_text.call_args[0][0]
+
+
+class TestCmdStart:
+    """Test cmd_start command."""
+
+    @pytest.mark.asyncio
+    async def test_start_in_group(self):
+        update = create_mock_update(chat_type="group")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_start(update, ctx)
+        update.message.reply_text.assert_called_once()
+        text = update.message.reply_text.call_args[0][0]
+        assert "👻" in text
+        assert "/bounty" in text
+
+    @pytest.mark.asyncio
+    async def test_start_in_private(self):
+        update = create_mock_update(chat_type="private")
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_start(update, ctx)
+        update.message.reply_text.assert_called_once()
+        text = update.message.reply_text.call_args[0][0]
+        assert "👻" in text
+        assert "/my" in text
+
+
+class TestCmdHelp:
+    """Test cmd_help command."""
+
+    @pytest.mark.asyncio
+    async def test_help_shows_commands(self):
+        update = create_mock_update()
+        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
+
+        await cmd_help(update, ctx)
+        update.message.reply_text.assert_called_once()
+        text = update.message.reply_text.call_args[0][0]
+        assert "/bounty" in text
+        assert "/add" in text
+        assert "/help" in text

config.py

@@ -13,7 +13,21 @@ class Config:
 
     def __init__(self):
         self.data_dir: Path = self._resolve_data_dir()
-        self.bot_token: Optional[str] = os.environ.get("JIGAIDO_BOT_TOKEN")
+        self.bot_token: Optional[str] = self._resolve_bot_token()
+
+    def _resolve_bot_token(self) -> Optional[str]:
+        env_token = os.environ.get("JIGAIDO_BOT_TOKEN")
+        if env_token:
+            return env_token
+
+        config_file = Path("~/.jigaido/config.json").expanduser()
+        if config_file.exists():
+            with open(config_file) as f:
+                config_data = json.load(f)
+                if "JIGAIDO_BOT_TOKEN" in config_data:
+                    return config_data["JIGAIDO_BOT_TOKEN"]
+
+        return None
 
     def _resolve_data_dir(self) -> Path:
         env_dir = os.environ.get("JIGAIDO_DATA_DIR")
@@ -35,3 +49,6 @@ class Config:
 
 
 config = Config()
+
+
+config = Config()

core/models.py

@@ -9,6 +9,9 @@ class Bounty:
 
     The created_by_user_id field always refers to the user who created the bounty.
     It does NOT indicate whether the bounty is a group or personal bounty.
+
+    The deleted_at field indicates soft-delete: None means not deleted,
+    a value means deleted at that Unix timestamp.
     """
 
     id: int
@@ -17,6 +20,8 @@ class Bounty:
     due_date_ts: int | None
     created_at: int
     created_by_user_id: int
+    deleted_at: int | None = None
+    created_by_username: str | None = None
 
 
 @dataclass
@@ -37,11 +42,20 @@ class RoomData:
 
     The room_id can be negative for Telegram groups or positive for DMs.
     The next_id field is used to generate unique bounty IDs within this room.
+
+    The timezone field stores the room's timezone (e.g., "Asia/Jakarta"), default UTC+0.
+    The admin_user_ids field lists users who have admin privileges in this room.
     """
 
     room_id: int
     bounties: list[Bounty]
     next_id: int
+    timezone: str | None = None
+    admin_user_ids: list[int] | None = None
+
+    def __post_init__(self):
+        if self.admin_user_ids is None:
+            self.admin_user_ids = []
 
 
 @dataclass

core/ports.py

@@ -40,6 +40,25 @@ class RoomStorage(Protocol):
         """Get a specific bounty from a room by ID."""
         ...
 
+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        """List all non-deleted bounties in a room.
+
+        Soft-deleted bounties (where deleted_at is not None) are excluded.
+        """
+        ...
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        """List all bounties including or excluding soft-deleted.
+
+        Args:
+            room_id: The room ID
+            include_deleted: If True, return all bounties including soft-deleted.
+                           If False, return only non-deleted bounties.
+        """
+        ...
+
 
 @runtime_checkable
 class TrackingStorage(Protocol):

core/services.py

@@ -15,11 +15,108 @@ class BountyService:
     - Positive room_id: DM/personal context (user's Telegram ID)
 
     This service handles both group and personal bounties through room_id.
+
+    Permissions:
+    - /add, /edit, /delete: admin only
+    - /admin, /admin add, /admin remove: admin only
+    - /bounty, /show, /track, /untrack, /my: everyone
     """
 
     def __init__(self, storage: RoomStorage):
         self._storage = storage
 
+    def is_admin(self, room_id: int, user_id: int) -> bool:
+        """Check if user is admin in a room."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return False
+        return user_id in (room_data.admin_user_ids or [])
+
+    def add_admin(
+        self, room_id: int, admin_user_id: int, requesting_user_id: int
+    ) -> None:
+        """Add an admin to a room. Requires admin permission, or self-promotion if first admin."""
+        room_data = self._storage.load(room_id)
+
+        has_no_admins = room_data is None or not room_data.admin_user_ids
+        is_self_promotion = requesting_user_id == admin_user_id
+
+        if not self.is_admin(room_id, requesting_user_id):
+            if not (has_no_admins and is_self_promotion):
+                raise PermissionError("Only admins can add admins.")
+
+        if room_data is None or room_data.admin_user_ids is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=1, admin_user_ids=[]
+            )
+
+        if admin_user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids.append(admin_user_id)
+            self._storage.save(room_data)
+
+    def remove_admin(
+        self, room_id: int, admin_user_id: int, requesting_user_id: int
+    ) -> None:
+        """Remove an admin from a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can remove admins.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return
+
+        if admin_user_id in (room_data.admin_user_ids or []):
+            (room_data.admin_user_ids or []).remove(admin_user_id)
+            self._storage.save(room_data)
+
+    def list_admins(self, room_id: int) -> list[int]:
+        """List all admin user IDs in a room."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return []
+        return list(room_data.admin_user_ids or [])
+
+    def set_timezone(
+        self, room_id: int, timezone: str, requesting_user_id: int
+    ) -> None:
+        """Set the timezone for a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can set timezone.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=1, admin_user_ids=[]
+            )
+
+        room_data.timezone = timezone
+        self._storage.save(room_data)
+
+    def get_timezone(self, room_id: int) -> str:
+        """Get the timezone for a room. Returns UTC+0 if not set."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return "UTC+0"
+        return room_data.timezone or "UTC+0"
+
+    def check_link_unique(
+        self, room_id: int, link: str | None, exclude_bounty_id: int | None = None
+    ) -> bool:
+        """Check if a link is unique within a room (not used by another bounty)."""
+        if not link:
+            return True
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return True
+
+        for bounty in room_data.bounties:
+            if bounty.deleted_at is not None:
+                continue
+            if bounty.link == link and bounty.id != exclude_bounty_id:
+                return False
+        return True
+
     def add_bounty(
         self,
         room_id: int,
@@ -27,8 +124,15 @@ class BountyService:
         text: Optional[str] = None,
         link: Optional[str] = None,
         due_date_ts: Optional[int] = None,
+        created_by_username: Optional[str] = None,
     ) -> Bounty:
-        """Add a new bounty to the room."""
+        """Add a new bounty to the room. Requires admin permission."""
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can add bounties.")
+
+        if not self.check_link_unique(room_id, link):
+            raise ValueError("A bounty with this link already exists in this room.")
+
         room_data = self._storage.load(room_id)
         if room_data is None:
             room_data = RoomData(room_id=room_id, bounties=[], next_id=1)
@@ -38,6 +142,7 @@ class BountyService:
         bounty = Bounty(
             id=room_data.next_id,
             created_by_user_id=user_id,
+            created_by_username=created_by_username,
             text=text,
             link=link,
             due_date_ts=due_date_ts,
@@ -47,15 +152,58 @@ class BountyService:
         return bounty
 
     def list_bounties(self, room_id: int) -> list[Bounty]:
-        """List all bounties in a room."""
-        room_data = self._storage.load(room_id)
-        if room_data is None:
-            return []
-        return room_data.bounties
+        """List all non-deleted bounties in a room."""
+        return self._storage.list_bounties(room_id)
+
+    def list_deleted_bounties(self, room_id: int) -> list[Bounty]:
+        """List all soft-deleted bounties in a room. For /recover functionality."""
+        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
+        return [b for b in all_bounties if b.deleted_at is not None]
+
+    def get_deleted_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
+        """Get a specific soft-deleted bounty by ID."""
+        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
+        for b in all_bounties:
+            if b.id == bounty_id and b.deleted_at is not None:
+                return b
+        return None
+
+    def recover_bounty(self, room_id: int, bounty_id: int, user_id: int) -> str:
+        """Recover a soft-deleted bounty. Admin only.
+
+        Returns: 'recovered', 'not_found', 'not_deleted', 'permission_denied'
+        """
+        if not self.is_admin(room_id, user_id):
+            return "permission_denied"
+
+        bounty = self.get_deleted_bounty(room_id, bounty_id)
+        if not bounty:
+            return "not_found"
+        if bounty.deleted_at is None:
+            return "not_deleted"
+
+        bounty.deleted_at = None
+        self._storage.update_bounty(room_id, bounty)
+        return "recovered"
+
+    def recover_bounties(
+        self, room_id: int, bounty_ids: list[int], user_id: int
+    ) -> dict[int, str]:
+        """Recover multiple soft-deleted bounties. Admin only.
+
+        Returns dict of bounty_id -> result ('recovered', 'not_found', 'not_deleted', 'permission_denied')
+        """
+        results = {}
+        for bounty_id in bounty_ids:
+            results[bounty_id] = self.recover_bounty(room_id, bounty_id, user_id)
+        return results
 
     def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
-        """Get a specific bounty by ID."""
-        return self._storage.get_bounty(room_id, bounty_id)
+        """Get a specific bounty by ID. Excludes soft-deleted bounties."""
+        bounty = self._storage.get_bounty(room_id, bounty_id)
+        if bounty and bounty.deleted_at is not None:
+            return None
+        return bounty
 
     def update_bounty(
         self,
@@ -68,12 +216,17 @@ class BountyService:
         clear_link: bool = False,
         clear_due: bool = False,
     ) -> bool:
-        """Update a bounty. Only creator can update."""
+        """Update a bounty. Only admins can update."""
         bounty = self._storage.get_bounty(room_id, bounty_id)
         if not bounty:
             return False
-        if bounty.created_by_user_id != user_id:
-            raise PermissionError("Only the creator can edit this bounty.")
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can edit bounties.")
+
+        if link and not self.check_link_unique(
+            room_id, link, exclude_bounty_id=bounty_id
+        ):
+            raise ValueError("A bounty with this link already exists in this room.")
 
         updated = Bounty(
             id=bounty.id,
@@ -84,21 +237,46 @@ class BountyService:
             if clear_due
             else (due_date_ts if due_date_ts is not None else bounty.due_date_ts),
             created_at=bounty.created_at,
+            deleted_at=bounty.deleted_at,
+            created_by_username=bounty.created_by_username,
         )
         self._storage.update_bounty(room_id, updated)
         return True
 
     def delete_bounty(self, room_id: int, bounty_id: int, user_id: int) -> bool:
-        """Delete a bounty. Only creator can delete."""
+        """Soft delete a bounty. Only admins can delete."""
         bounty = self._storage.get_bounty(room_id, bounty_id)
         if not bounty:
             return False
-        if bounty.created_by_user_id != user_id:
-            raise PermissionError("Only the creator can delete this bounty.")
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can delete bounties.")
 
-        self._storage.delete_bounty(room_id, bounty_id)
+        bounty.deleted_at = int(time.time())
+        self._storage.update_bounty(room_id, bounty)
         return True
 
+    def delete_bounties(
+        self, room_id: int, bounty_ids: list[int], user_id: int
+    ) -> dict[int, str]:
+        """Soft delete multiple bounties. Returns dict of bounty_id -> result.
+
+        Results can be: 'deleted', 'not_found', 'permission_denied'
+        """
+        results = {}
+        for bounty_id in bounty_ids:
+            bounty = self._storage.get_bounty(room_id, bounty_id)
+            if not bounty:
+                results[bounty_id] = "not_found"
+                continue
+            if not self.is_admin(room_id, user_id):
+                results[bounty_id] = "permission_denied"
+                continue
+
+            bounty.deleted_at = int(time.time())
+            self._storage.update_bounty(room_id, bounty)
+            results[bounty_id] = "deleted"
+        return results
+
 
 class TrackingService:
     """Service for tracking bounty operations."""
@@ -147,7 +325,7 @@ class TrackingService:
         if room_data is None:
             return []
 
-        bounty_map = {b.id: b for b in room_data.bounties}
+        bounty_map = {b.id: b for b in room_data.bounties if b.deleted_at is None}
         return [
             bounty_map[t.bounty_id]
             for t in tracking_data.tracked

tests/test_config.py

@@ -47,10 +47,27 @@ class TestConfigDataDir:
             assert cfg.bot_token == "test_token_123"
 
     def test_bot_token_none_when_not_set(self):
-        """Test that bot_token is None when JIGAIDO_BOT_TOKEN not set."""
+        """Test that bot_token is None when JIGAIDO_BOT_TOKEN not set and no config file."""
         with patch.dict(os.environ, {}, clear=True):
-            cfg = Config()
-            assert cfg.bot_token is None
+            with patch("pathlib.Path.exists", return_value=False):
+                cfg = Config()
+                assert cfg.bot_token is None
+
+    def test_bot_token_from_config_file(self):
+        """Test that bot_token is read from config file when env var not set."""
+        config_dir = Path.home() / ".jigaido"
+        config_file = config_dir / "config.json"
+        with patch.dict(os.environ, {}, clear=True):
+            with patch("pathlib.Path.expanduser", return_value=config_file):
+                with patch("pathlib.Path.exists", return_value=True):
+                    with patch("builtins.open", create=True) as mock_open:
+                        mock_open.return_value.__enter__ = lambda s: s
+                        mock_open.return_value.__exit__ = lambda *a: None
+                        mock_open.return_value.read = lambda: (
+                            '{"JIGAIDO_BOT_TOKEN": "config_token"}'
+                        )
+                        cfg = Config()
+                        assert cfg.bot_token == "config_token"
 
 
 class TestConfigEnsureDataDir:

tests/test_models.py

@@ -28,6 +28,22 @@ class TestBounty:
         assert b.due_date_ts == 1735689600
         assert b.created_at == 1735603200
         assert b.created_by_user_id == 123
+        assert b.deleted_at is None
+        assert b.created_by_username is None
+
+    def test_bounty_with_new_fields(self):
+        b = Bounty(
+            id=1,
+            text="Fix the bug",
+            link="https://github.com/example/repo/issues/1",
+            due_date_ts=1735689600,
+            created_at=1735603200,
+            created_by_user_id=123,
+            deleted_at=1736200000,
+            created_by_username="johndoe",
+        )
+        assert b.deleted_at == 1736200000
+        assert b.created_by_username == "johndoe"
 
     def test_bounty_optional_fields_can_be_none(self):
         b = Bounty(
@@ -41,6 +57,8 @@ class TestBounty:
         assert b.text is None
         assert b.link is None
         assert b.due_date_ts is None
+        assert b.deleted_at is None
+        assert b.created_by_username is None
 
     def test_bounty_comparison_equal(self):
         b1 = Bounty(
@@ -103,6 +121,8 @@ class TestRoomData:
         assert rd.room_id == -1001
         assert rd.bounties == []
         assert rd.next_id == 1
+        assert rd.timezone is None
+        assert rd.admin_user_ids == []
 
     def test_create_dm_room_data(self):
         rd = RoomData(
@@ -113,6 +133,8 @@ class TestRoomData:
         assert rd.room_id == 123456
         assert rd.bounties == []
         assert rd.next_id == 1
+        assert rd.timezone is None
+        assert rd.admin_user_ids == []
 
     def test_room_data_with_bounties(self):
         b = Bounty(
@@ -128,6 +150,25 @@ class TestRoomData:
         assert rd.bounties[0].text == "Task"
         assert rd.bounties[0].created_by_user_id == 123
 
+    def test_room_data_with_new_fields(self):
+        rd = RoomData(
+            room_id=-1001,
+            bounties=[],
+            next_id=1,
+            timezone="Asia/Jakarta",
+            admin_user_ids=[123, 456],
+        )
+        assert rd.timezone == "Asia/Jakarta"
+        assert rd.admin_user_ids == [123, 456]
+
+    def test_room_data_admin_user_ids_defaults_to_empty_list(self):
+        rd = RoomData(
+            room_id=-1001,
+            bounties=[],
+            next_id=1,
+        )
+        assert rd.admin_user_ids == []
+
 
 class TestTrackingData:
     def test_create_tracking_data(self):

tests/test_ports.py

@@ -48,6 +48,20 @@ class SimpleRoomStorage:
                     return b
         return None
 
+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        if include_deleted:
+            return self._rooms[room_id].bounties
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+
 
 class SimpleTrackingStorage:
     """Minimal mock without ensure_tracking - tests if track_bounty works without it.
@@ -119,6 +133,20 @@ class MockRoomStorage:
                     return b
         return None
 
+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        if include_deleted:
+            return self._rooms[room_id].bounties
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+
 
 class MockTrackingStorage:
     """Mock implementation of TrackingStorage for testing."""

tests/test_services.py

@@ -15,18 +15,32 @@ class TestBountyService:
         """Set up fresh storage and service for each test."""
         self.storage = MockRoomStorage()
         self.service = BountyService(self.storage)
+        self.admin_user_id = 123
+        self._make_admin(-1001, self.admin_user_id)
+
+    def _make_admin(self, room_id: int, user_id: int):
+        """Helper to set up a room with an admin user."""
+        room_data = self.storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=0, admin_user_ids=[]
+            )
+        if user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids = room_data.admin_user_ids or []
+            room_data.admin_user_ids.append(user_id)
+        self.storage.save(room_data)
 
     def test_add_bounty_creates_room_if_not_exists(self):
         """Test that add_bounty creates a new room if it doesn't exist."""
         bounty = self.service.add_bounty(
             room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Fix bug",
             link="https://github.com/issue/1",
         )
         assert bounty.id == 1
         assert bounty.text == "Fix bug"
-        assert bounty.created_by_user_id == 123
+        assert bounty.created_by_user_id == self.admin_user_id
 
         room = self.storage.load(-1001)
         assert room is not None
@@ -34,14 +48,25 @@ class TestBountyService:
 
     def test_add_bounty_increments_id(self):
         """Test that add_bounty increments bounty ID for each new bounty."""
-        b1 = self.service.add_bounty(room_id=-1001, user_id=123, text="First")
-        b2 = self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
-        b3 = self.service.add_bounty(room_id=-1001, user_id=123, text="Third")
+        b1 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="First"
+        )
+        b2 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Second"
+        )
+        b3 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Third"
+        )
 
         assert b1.id == 1
         assert b2.id == 2
         assert b3.id == 3
 
+    def test_add_bounty_requires_admin(self):
+        """Test that add_bounty raises PermissionError when non-admin tries to add."""
+        with pytest.raises(PermissionError, match="Only admins can add bounties"):
+            self.service.add_bounty(room_id=-1001, user_id=999, text="Not admin")
+
     def test_list_bounties_empty_room(self):
         """Test list_bounties returns empty list for non-existent room."""
         bounties = self.service.list_bounties(-1001)
@@ -49,9 +74,15 @@ class TestBountyService:
 
     def test_list_bounties_returns_all_bounties(self):
         """Test list_bounties returns all bounties in a room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="First")
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
-        self.service.add_bounty(room_id=-999, user_id=123, text="Other room")
+        self.service.add_bounty(room_id=-1001, user_id=self.admin_user_id, text="First")
+        self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Second"
+        )
+        # Add bounty to different room to verify isolation
+        self._make_admin(-999, self.admin_user_id)
+        self.service.add_bounty(
+            room_id=-999, user_id=self.admin_user_id, text="Other room"
+        )
 
         bounties = self.service.list_bounties(-1001)
         assert len(bounties) == 2
@@ -59,7 +90,9 @@ class TestBountyService:
 
     def test_get_bounty_found(self):
         """Test get_bounty returns bounty when it exists."""
-        created = self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        created = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Test"
+        )
         found = self.service.get_bounty(-1001, created.id)
         assert found is not None
         assert found.text == "Test"
@@ -71,31 +104,35 @@ class TestBountyService:
 
     def test_get_bounty_wrong_room(self):
         """Test get_bounty returns None when bounty is in different room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        self.service.add_bounty(room_id=-1001, user_id=self.admin_user_id, text="Test")
         found = self.service.get_bounty(-999, 1)  # room -999 doesn't have bounty 1
         assert found is None
 
     def test_update_bounty_success(self):
-        """Test update_bounty succeeds when creator updates their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
+        """Test update_bounty succeeds when admin updates their bounty."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Original"
+        )
         result = self.service.update_bounty(
             room_id=-1001,
             bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Updated",
         )
         assert result is True
         updated = self.service.get_bounty(-1001, bounty.id)
         assert updated.text == "Updated"
 
-    def test_update_bounty_not_creator_raises_permission_error(self):
-        """Test update_bounty raises PermissionError when non-creator tries to update."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
-        with pytest.raises(PermissionError, match="Only the creator can edit"):
+    def test_update_bounty_not_admin_raises_permission_error(self):
+        """Test update_bounty raises PermissionError when non-admin tries to update."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Original"
+        )
+        with pytest.raises(PermissionError, match="Only admins can edit bounties"):
             self.service.update_bounty(
                 room_id=-1001,
                 bounty_id=bounty.id,
-                user_id=999,  # different user
+                user_id=999,  # different user, not admin
                 text="Hacked",
             )
 
@@ -104,7 +141,7 @@ class TestBountyService:
         result = self.service.update_bounty(
             room_id=-1001,
             bounty_id=999,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Updated",
         )
         assert result is False
@@ -113,14 +150,14 @@ class TestBountyService:
         """Test update_bounty only updates provided fields."""
         bounty = self.service.add_bounty(
             room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Original",
             link="https://original.link",
         )
         self.service.update_bounty(
             room_id=-1001,
             bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Updated only text",
         )
         updated = self.service.get_bounty(-1001, bounty.id)
@@ -131,37 +168,88 @@ class TestBountyService:
         """Test update_bounty can clear link."""
         bounty = self.service.add_bounty(
             room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Test",
             link="https://original.link",
         )
         self.service.update_bounty(
             room_id=-1001,
             bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
             clear_link=True,
         )
         updated = self.service.get_bounty(-1001, bounty.id)
         assert updated.link is None
 
     def test_delete_bounty_success(self):
-        """Test delete_bounty succeeds when creator deletes their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
-        result = self.service.delete_bounty(-1001, bounty.id, 123)
+        """Test delete_bounty soft deletes when admin deletes their bounty."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        result = self.service.delete_bounty(-1001, bounty.id, self.admin_user_id)
         assert result is True
+        # Soft delete - bounty should not be found via get_bounty
         assert self.service.get_bounty(-1001, bounty.id) is None
+        # But still exists in list_deleted_bounties
+        deleted = self.service.list_deleted_bounties(-1001)
+        assert len(deleted) == 1
+        assert deleted[0].id == bounty.id
 
-    def test_delete_bounty_not_creator_raises_permission_error(self):
-        """Test delete_bounty raises PermissionError when non-creator tries to delete."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
-        with pytest.raises(PermissionError, match="Only the creator can delete"):
-            self.service.delete_bounty(-1001, bounty.id, 999)  # different user
+    def test_delete_bounty_not_admin_raises_permission_error(self):
+        """Test delete_bounty raises PermissionError when non-admin tries to delete."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        with pytest.raises(PermissionError, match="Only admins can delete bounties"):
+            self.service.delete_bounty(
+                -1001, bounty.id, 999
+            )  # different user, not admin
 
     def test_delete_bounty_not_found(self):
         """Test delete_bounty returns False when bounty doesn't exist."""
-        result = self.service.delete_bounty(-1001, 999, 123)
+        result = self.service.delete_bounty(-1001, 999, self.admin_user_id)
         assert result is False
 
+    def test_delete_bounties_multi_id_success(self):
+        """Test delete_bounties returns individual results for multiple bounties."""
+        bounty1 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete 1"
+        )
+        bounty2 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete 2"
+        )
+        results = self.service.delete_bounties(
+            -1001, [bounty1.id, bounty2.id], self.admin_user_id
+        )
+        assert results == {bounty1.id: "deleted", bounty2.id: "deleted"}
+        # Verify both are soft deleted
+        assert self.service.get_bounty(-1001, bounty1.id) is None
+        assert self.service.get_bounty(-1001, bounty2.id) is None
+
+    def test_delete_bounties_mixed_results(self):
+        """Test delete_bounties returns not_found for non-existent bounties."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        results = self.service.delete_bounties(
+            -1001, [bounty.id, 999, 888], self.admin_user_id
+        )
+        assert results == {bounty.id: "deleted", 999: "not_found", 888: "not_found"}
+
+    def test_delete_bounties_permission_denied(self):
+        """Test delete_bounties returns permission_denied for non-admin users."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        results = self.service.delete_bounties(
+            -1001,
+            [bounty.id],
+            999,  # non-admin user
+        )
+        assert results == {bounty.id: "permission_denied"}
+        # Verify bounty was NOT deleted
+        assert self.service.get_bounty(-1001, bounty.id) is not None
+
 
 class TestTrackingService:
     """Unit tests for TrackingService."""
@@ -171,9 +259,27 @@ class TestTrackingService:
         self.room_storage = MockRoomStorage()
         self.tracking_storage = MockTrackingStorage()
         self.service = TrackingService(self.tracking_storage, self.room_storage)
+        self.admin_user_id = 123
+        self._make_admin(-1001, self.admin_user_id)
+
+    def _make_admin(self, room_id: int, user_id: int):
+        """Helper to set up a room with an admin user."""
+        room_data = self.room_storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=0, admin_user_ids=[]
+            )
+        if user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids = room_data.admin_user_ids or []
+            room_data.admin_user_ids.append(user_id)
+        self.room_storage.save(room_data)
 
     def _add_bounty(self, room_id=-1001, user_id=123, text="Test bounty"):
         """Helper to add a bounty for tracking tests."""
+        if self.room_storage.load(room_id) is None or user_id not in (
+            self.room_storage.load(room_id).admin_user_ids or []
+        ):
+            self._make_admin(room_id, user_id)
         bounty_service = BountyService(self.room_storage)
         return bounty_service.add_bounty(room_id=room_id, user_id=user_id, text=text)