feat: implement /recover command and fix /admin list

- Add /recover command for listing and recovering soft-deleted bounties
  - /recover - list recoverable bounties (admin only)
  - /recover <id> [<id>...] - recover specific bounties (admin only)
- Fix /admin list to show @username instead of admin_id
- Add recover_bounty and recover_bounties methods to BountyService
- Add get_deleted_bounty method to BountyService
- Clean up duplicate cmd_admin functions
- Add /recover to bot command menu
- Fixes #49 and #50

apps/telegram-bot/bot.py

@@ -8,13 +8,16 @@ from telegram.ext import Application, CommandHandler, MessageHandler, filters
 
 from commands import (
     cmd_add,
+    cmd_admin,
     cmd_bounty,
     cmd_delete,
     cmd_edit,
     cmd_help,
     cmd_my,
+    cmd_recover,
     cmd_show,
     cmd_start,
+    cmd_timezone,
     cmd_track,
     cmd_untrack,
     cmd_update,
@@ -43,6 +46,9 @@ def build_app() -> Application:
     app.add_handler(CommandHandler("track", cmd_track))
     app.add_handler(CommandHandler("untrack", cmd_untrack))
     app.add_handler(CommandHandler("show", cmd_show))
+    app.add_handler(CommandHandler("timezone", cmd_timezone))
+    app.add_handler(CommandHandler("admin", cmd_admin))
+    app.add_handler(CommandHandler("recover", cmd_recover))
 
     app.add_handler(MessageHandler(filters.COMMAND, cmd_help))
 
@@ -59,6 +65,9 @@ async def post_init(app: Application) -> None:
             ("track", "Track a bounty"),
             ("untrack", "Stop tracking"),
             ("show", "Show bounty details"),
+            ("timezone", "Get/set room timezone"),
+            ("admin", "Manage admins"),
+            ("recover", "Recover deleted bounties"),
             ("help", "Show help"),
         ]
     )

apps/telegram-bot/commands.py

@@ -1,7 +1,7 @@
 """Telegram command handlers for JIGAIDO - Thin wrappers around core services."""
 
 import time
-from datetime import datetime
+from datetime import datetime, timezone
 from functools import wraps
 from typing import Optional
 from zoneinfo import ZoneInfo, ZoneInfoNotFoundError
@@ -114,9 +114,7 @@ def parse_args(
     return text, link, due_date_ts, clear_link, clear_date
 
 
-def format_bounty(
+def format_bounty(b, show_id: bool = True, slice_length: int = 0) -> str:
-    b, show_id: bool = True, slice_length: int = 0, room_id: int | None = None
-) -> str:
     parts = []
     if show_id:
         parts.append(f"[#{b.id}]")
@@ -128,11 +126,7 @@ def format_bounty(
     if b.link:
         parts.append(f"🔗 {b.link}")
     if b.due_date_ts:
-        timezone_str = "UTC"
+        due_str = time.strftime("%d %b %Y", time.localtime(b.due_date_ts))
-        if room_id is not None:
-            timezone_str = BOUNTY_SERVICE.get_timezone(room_id)
-
-        due_str = format_due_date(b.due_date_ts, timezone_str)
         days_left = (b.due_date_ts - int(time.time())) // 86400
         if days_left < 0:
             parts.append(f"⏰ {due_str} (OVERDUE)")
@@ -140,8 +134,6 @@ def format_bounty(
             parts.append(f"⏰ Today (OVERDUE)")
         else:
             parts.append(f"⏰ {due_str} ({days_left}d)")
-    if b.created_by_user_id:
-        parts.append(f"by {b.created_by_user_id}")
     return " | ".join(parts)
 
 
@@ -220,9 +212,7 @@ async def cmd_bounty(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         slice_length = 0
 
     for b in displayed_bounties:
-        lines.append(
+        lines.append(format_bounty(b, show_id=True, slice_length=slice_length))
-            format_bounty(b, show_id=True, slice_length=slice_length, room_id=room_id)
-        )
 
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
@@ -247,7 +237,7 @@ async def cmd_my(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         await update.message.reply_text(msg)
         return
 
-    lines = [format_bounty(b, show_id=True, room_id=room_id) for b in bounties]
+    lines = [format_bounty(b, show_id=True) for b in bounties]
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
 
@@ -268,13 +258,20 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     user_id = get_user_id(update)
     room_id = get_room_id(update)
 
-    bounty = BOUNTY_SERVICE.add_bounty(
+    try:
-        room_id=room_id,
+        bounty = BOUNTY_SERVICE.add_bounty(
-        user_id=user_id,
+            room_id=room_id,
-        text=text,
+            user_id=user_id,
-        link=link,
+            text=text,
-        due_date_ts=due_date_ts,
+            link=link,
-    )
+            due_date_ts=due_date_ts,
+        )
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+    except ValueError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
 
     due_str = ""
     if due_date_ts:
@@ -351,11 +348,11 @@ cmd_edit = cmd_update
 async def cmd_delete(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     args = extract_args(update.message.text)
     if not args:
-        await update.message.reply_text("Usage: /delete <bounty_id>")
+        await update.message.reply_text("Usage: /delete <bounty_id> [bounty_id ...]")
         return
 
     try:
-        bounty_id = int(args[0])
+        bounty_ids = [int(arg) for arg in args]
     except ValueError:
         await update.message.reply_text("Invalid bounty ID.")
         return
@@ -364,19 +361,25 @@ async def cmd_delete(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     room_id = get_room_id(update)
 
     try:
-        success = BOUNTY_SERVICE.delete_bounty(
+        results = BOUNTY_SERVICE.delete_bounties(
             room_id=room_id,
-            bounty_id=bounty_id,
+            bounty_ids=bounty_ids,
             user_id=user_id,
         )
     except PermissionError as e:
         await update.message.reply_text(f"⛔ {e}")
         return
 
-    if success:
+    response_lines = []
-        await update.message.reply_text(f"✅ Bounty #{bounty_id} deleted.")
+    for bounty_id, result in results.items():
-    else:
+        if result == "deleted":
-        await update.message.reply_text("Bounty not found.")
+            response_lines.append(f"✅ Bounty #{bounty_id} deleted.")
+        elif result == "not_found":
+            response_lines.append(f"⛔ Bounty #{bounty_id} not found.")
+        elif result == "permission_denied":
+            response_lines.append(f"⛔ Bounty #{bounty_id} permission denied.")
+
+    await update.message.reply_text("\n".join(response_lines))
 
 
 async def cmd_track(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
@@ -482,8 +485,8 @@ async def cmd_show(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         lines.append(f"🔗 {bounty.link}")
 
     if bounty.due_date_ts:
-        due_str = format_due_date(bounty.due_date_ts, timezone)
+        due_str = time.strftime("%d %B %Y %H:%M", time.localtime(bounty.due_date_ts))
-        lines.append(f"📅 {due_str}")
+        lines.append(f"📅 {due_str} ({timezone})")
 
     username = bounty.created_by_username or f"user#{bounty.created_by_user_id}"
     lines.append(f"👤 @{username}")
@@ -494,20 +497,199 @@ async def cmd_show(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
 
+async def cmd_timezone(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    room_id = get_room_id(update)
+    user_id = get_user_id(update)
+
+    if not args:
+        current_tz = BOUNTY_SERVICE.get_timezone(room_id)
+        await update.message.reply_text(f"Current timezone: {current_tz}")
+        return
+
+    timezone_str = args[0]
+
+    try:
+        ZoneInfo(timezone_str)
+    except (KeyError, ZoneInfoNotFoundError):
+        await update.message.reply_text(
+            "⛔ Invalid timezone. Use IANA format (e.g., Asia/Jakarta)"
+        )
+        return
+
+    try:
+        BOUNTY_SERVICE.set_timezone(room_id, timezone_str, user_id)
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+
+    await update.message.reply_text(f"✅ Timezone set to {timezone_str}.")
+
+
+async def cmd_recover(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    room_id = get_room_id(update)
+    user_id = get_user_id(update)
+
+    if not BOUNTY_SERVICE.is_admin(room_id, user_id):
+        await update.message.reply_text("⛔ Only admins can perform this action.")
+        return
+
+    if not args:
+        deleted_bounties = BOUNTY_SERVICE.list_deleted_bounties(room_id)
+        if not deleted_bounties:
+            await update.message.reply_text("No recoverable bounties.")
+            return
+
+        deleted_bounties.sort(key=lambda b: b.deleted_at or 0, reverse=True)
+
+        lines = ["Recoverable bounties:"]
+        for b in deleted_bounties[:10]:
+            text = (
+                b.text[:40] + "..."
+                if b.text and len(b.text) > 40
+                else (b.text or "(no text)")
+            )
+            link_str = f" | 🔗 {b.link}" if b.link else ""
+            deleted_str = (
+                time.strftime("%d %b %Y", time.localtime(b.deleted_at))
+                if b.deleted_at
+                else "unknown"
+            )
+            lines.append(f"[#{b.id}] {text}{link_str} | 🗑️ Deleted {deleted_str}")
+
+        await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
+        return
+
+    try:
+        bounty_ids = [int(arg) for arg in args]
+    except ValueError:
+        await update.message.reply_text("Invalid bounty ID.")
+        return
+
+    results = BOUNTY_SERVICE.recover_bounties(room_id, bounty_ids, user_id)
+
+    response_lines = []
+    for bounty_id, result in results.items():
+        if result == "recovered":
+            response_lines.append(f"✅ Recovered bounty #{bounty_id}.")
+        elif result == "not_found":
+            response_lines.append(f"⛔ Bounty #{bounty_id} not found.")
+        elif result == "not_deleted":
+            response_lines.append(f"⛔ Bounty #{bounty_id} is not deleted.")
+        elif result == "permission_denied":
+            response_lines.append(f"⛔ Bounty #{bounty_id} permission denied.")
+
+    await update.message.reply_text("\n".join(response_lines))
+
+
+def _find_user_id_by_username(room_id: int, username: str) -> int | None:
+    """Find user_id by username from bounty creators in the room."""
+    bounties = BOUNTY_SERVICE.list_bounties(room_id)
+    for bounty in bounties:
+        if (
+            bounty.created_by_username
+            and bounty.created_by_username.lower() == username.lower()
+        ):
+            return bounty.created_by_user_id
+    return None
+
+
+def _find_username_by_user_id(room_id: int, user_id: int) -> str | None:
+    """Find username by user_id from bounty creators in the room."""
+    bounties = BOUNTY_SERVICE.list_bounties(room_id)
+    for bounty in bounties:
+        if bounty.created_by_user_id == user_id:
+            return bounty.created_by_username
+    return None
+
+
+async def cmd_admin(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    if not args:
+        admins = BOUNTY_SERVICE.list_admins(get_room_id(update))
+        if not admins:
+            await update.message.reply_text("No admins in this room.")
+            return
+        admin_mentions = []
+        for admin_id in admins:
+            username = _find_username_by_user_id(get_room_id(update), admin_id)
+            if username:
+                admin_mentions.append(f"@{username}")
+            else:
+                admin_mentions.append(f"user#{admin_id}")
+        await update.message.reply_text(
+            f"Room Admins:\n" + "\n".join(f"- {m}" for m in admin_mentions)
+        )
+        return
+
+    if args[0] not in ("add", "remove"):
+        await update.message.reply_text(
+            "Usage:\n"
+            "/admin — list admins\n"
+            "/admin add @username — add admin\n"
+            "/admin remove @username — remove admin"
+        )
+        return
+
+    subcommand = args[0]
+
+    if len(args) < 2:
+        await update.message.reply_text(f"Usage: /admin {subcommand} @username")
+        return
+
+    raw_username = args[1]
+    if not raw_username.startswith("@"):
+        await update.message.reply_text(f"Usage: /admin {subcommand} @username")
+        return
+
+    username = raw_username[1:]
+
+    user_id = get_user_id(update)
+    room_id = get_room_id(update)
+
+    if not BOUNTY_SERVICE.is_admin(room_id, user_id):
+        await update.message.reply_text("⛔ Only admins can perform this action.")
+        return
+
+    target_user_id = _find_user_id_by_username(room_id, username)
+
+    if target_user_id is None:
+        await update.message.reply_text(f"⛔ User @{username} not found.")
+        return
+
+    try:
+        if subcommand == "add":
+            BOUNTY_SERVICE.add_admin(room_id, target_user_id, user_id)
+            await update.message.reply_text(f"✅ @{username} is now an admin.")
+        elif subcommand == "remove":
+            BOUNTY_SERVICE.remove_admin(room_id, target_user_id, user_id)
+            await update.message.reply_text(f"✅ @{username} is no longer an admin.")
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+
+
 async def cmd_help(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     await update.message.reply_text(
         "👻 JIGAIDO Commands:\n\n"
         "/bounty — list all bounties\n"
         "/my — bounties you're tracking\n"
-        "/add <text> [link] [due] — add bounty\n"
+        "/add <text> [link] [due] — add bounty (admin only)\n"
-        "/update <id> [text] [link] [due] — update bounty\n"
+        "/update <id> [text> [link] [due] — update bounty (admin only)\n"
-        "/edit <id> [text] [link] [due] — edit bounty (same as update)\n"
+        "/edit <id> [text> [link] [due] — edit bounty (same as update)\n"
         "  /edit <id> -link [<url>]  — clear or set link\n"
         "  /edit <id> -date [<date>] — clear or set date\n"
-        "/delete <id> — delete bounty (admin only)\n"
+        "/delete <id> [<id>...] — delete bounty (admin only)\n"
         "/track <id> — track a bounty (groups only)\n"
         "/untrack <id> — stop tracking (groups only)\n"
         "/show <id> — show bounty details\n"
+        "/admin — list admins\n"
+        "/admin add @username — add admin (admin only)\n"
+        "/admin remove @username — remove admin (admin only)\n"
+        "/timezone — get room timezone\n"
+        "/timezone <tz> — set room timezone (admin only)\n"
+        "/recover — list recoverable bounties (admin only)\n"
+        "/recover <id> [<id>...] — recover bounty (admin only)\n"
         "/start — re-initialize\n"
         "/help — this message",
         disable_web_page_preview=True,

apps/telegram-bot/run_bot.py

@@ -0,0 +1,28 @@
+#!/usr/bin/env python3
+import asyncio
+import os
+import sys
+
+# Run from the telegram-bot directory so local imports work
+os.chdir("/home/shoko/repositories/jigaido/apps/telegram-bot")
+sys.path.insert(0, "/home/shoko/repositories/jigaido")
+
+# Import main from the local bot module
+import bot as bot_module
+
+if __name__ == "__main__":
+    if not bot_module.BOT_TOKEN:
+        bot_module.log.error("JIGAIDO_BOT_TOKEN environment variable not set.")
+        sys.exit(1)
+
+    app = bot_module.build_app()
+    app.post_init = bot_module.post_init
+    bot_module.log.info("JIGAIDO starting...")
+
+    # PTB v20+ app.run_polling() is async - use asyncio.get_event_loop() + run_until_complete
+    loop = asyncio.new_event_loop()
+    asyncio.set_event_loop(loop)
+    try:
+        loop.run_until_complete(app.run_polling(drop_pending_updates=True))
+    finally:
+        loop.close()

core/services.py

@@ -153,6 +153,44 @@ class BountyService:
         all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
         return [b for b in all_bounties if b.deleted_at is not None]
 
+    def get_deleted_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
+        """Get a specific soft-deleted bounty by ID."""
+        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
+        for b in all_bounties:
+            if b.id == bounty_id and b.deleted_at is not None:
+                return b
+        return None
+
+    def recover_bounty(self, room_id: int, bounty_id: int, user_id: int) -> str:
+        """Recover a soft-deleted bounty. Admin only.
+
+        Returns: 'recovered', 'not_found', 'not_deleted', 'permission_denied'
+        """
+        if not self.is_admin(room_id, user_id):
+            return "permission_denied"
+
+        bounty = self.get_deleted_bounty(room_id, bounty_id)
+        if not bounty:
+            return "not_found"
+        if bounty.deleted_at is None:
+            return "not_deleted"
+
+        bounty.deleted_at = None
+        self._storage.update_bounty(room_id, bounty)
+        return "recovered"
+
+    def recover_bounties(
+        self, room_id: int, bounty_ids: list[int], user_id: int
+    ) -> dict[int, str]:
+        """Recover multiple soft-deleted bounties. Admin only.
+
+        Returns dict of bounty_id -> result ('recovered', 'not_found', 'not_deleted', 'permission_denied')
+        """
+        results = {}
+        for bounty_id in bounty_ids:
+            results[bounty_id] = self.recover_bounty(room_id, bounty_id, user_id)
+        return results
+
     def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
         """Get a specific bounty by ID. Excludes soft-deleted bounties."""
         bounty = self._storage.get_bounty(room_id, bounty_id)
@@ -210,6 +248,28 @@ class BountyService:
         self._storage.update_bounty(room_id, bounty)
         return True
 
+    def delete_bounties(
+        self, room_id: int, bounty_ids: list[int], user_id: int
+    ) -> dict[int, str]:
+        """Soft delete multiple bounties. Returns dict of bounty_id -> result.
+
+        Results can be: 'deleted', 'not_found', 'permission_denied'
+        """
+        results = {}
+        for bounty_id in bounty_ids:
+            bounty = self._storage.get_bounty(room_id, bounty_id)
+            if not bounty:
+                results[bounty_id] = "not_found"
+                continue
+            if not self.is_admin(room_id, user_id):
+                results[bounty_id] = "permission_denied"
+                continue
+
+            bounty.deleted_at = int(time.time())
+            self._storage.update_bounty(room_id, bounty)
+            results[bounty_id] = "deleted"
+        return results
+
 
 class TrackingService:
     """Service for tracking bounty operations."""

tests/test_services.py

@@ -210,6 +210,46 @@ class TestBountyService:
         result = self.service.delete_bounty(-1001, 999, self.admin_user_id)
         assert result is False
 
+    def test_delete_bounties_multi_id_success(self):
+        """Test delete_bounties returns individual results for multiple bounties."""
+        bounty1 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete 1"
+        )
+        bounty2 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete 2"
+        )
+        results = self.service.delete_bounties(
+            -1001, [bounty1.id, bounty2.id], self.admin_user_id
+        )
+        assert results == {bounty1.id: "deleted", bounty2.id: "deleted"}
+        # Verify both are soft deleted
+        assert self.service.get_bounty(-1001, bounty1.id) is None
+        assert self.service.get_bounty(-1001, bounty2.id) is None
+
+    def test_delete_bounties_mixed_results(self):
+        """Test delete_bounties returns not_found for non-existent bounties."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        results = self.service.delete_bounties(
+            -1001, [bounty.id, 999, 888], self.admin_user_id
+        )
+        assert results == {bounty.id: "deleted", 999: "not_found", 888: "not_found"}
+
+    def test_delete_bounties_permission_denied(self):
+        """Test delete_bounties returns permission_denied for non-admin users."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        results = self.service.delete_bounties(
+            -1001,
+            [bounty.id],
+            999,  # non-admin user
+        )
+        assert results == {bounty.id: "permission_denied"}
+        # Verify bounty was NOT deleted
+        assert self.service.get_bounty(-1001, bounty.id) is not None
+
 
 class TestTrackingService:
     """Unit tests for TrackingService."""