feat: add category command handlers

Commands layer for category feature (Issue #87): New Commands: - /category - list all categories - /category add <slug> <name> - create category (admin) - /category delete <slug> - soft delete category (admin) Updated Commands: - /add - supports -cat <slug>[,<slug>] flag - /update - supports -cat, -cat -, and -remove-cat flags - /bounty - supports -c <slug>[,<slug>] filter - /show - displays categories for bounty - /help - includes category commands Syntax Examples: - /add Fix bug github.com/repo -cat bug,urgent - /update 1 -cat feature,docs - /update 1 -cat - (clear categories) - /update 1 -remove-cat bug - /bounty -c bug - /bounty -c bug,feature
Merge pull request 'feat: Category Feature - Service Layer (#86 )' (#91 ) from feature/category-service into main
2026-04-09 10:50:50 +00:00 · 2026-04-09 12:44:18 +02:00 · 2026-04-09 10:38:08 +00:00 · 2026-04-09 12:35:50 +02:00 · 2026-04-09 10:23:33 +00:00 · 2026-04-09 10:15:27 +00:00
26 changed files with 3849 additions and 590 deletions
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -5,27 +5,42 @@
 ```bash
 git clone https://git.fbrns.co/shoko/jigaido.git
 cd jigaido
 # Create virtual environment
 python -m venv venv
 source venv/bin/activate
-pip install -r requirements.txt
+
 # Install dependencies
 pip install -r apps/telegram-bot/requirements.txt
 # Run tests
 pytest
 # Run bot
-export JIGAIDO_BOT_TOKEN="test:token"
+export JIGAIDO_BOT_TOKEN="your_bot_token"
-python bot.py
+python -m apps.telegram-bot.bot
 ```
 ## Architecture
 JIGAIDO follows hexagonal architecture:
 - **Core** (`core/`): Pure domain logic - models, ports (interfaces), and services
 - **Adapters** (`adapters/`): Infrastructure implementations - storage adapters
 - **Apps** (`apps/`): CLI applications - Telegram bot
 ## Code Style
- Python (no strict formatter enforced yet)
+- Python 3.10+ with type hints
 - Async/await for Telegram handlers
 - Type hints where obvious
 - Docstrings for public functions
 - Follow existing code patterns
 ## Pull Request Workflow
 1. Branch from `main`
 2. Make changes
-3. Test locally
+3. Test locally with `pytest`
 4. Open PR with description of what changed and why
 5. Someone reviews and merges
--- a/README.md
+++ b/README.md
@@ -22,14 +22,33 @@ A bounty tracking platform. Currently ships with a Telegram bot for managing and
 ```
 jigaido/
 ├── core/                    # Domain layer (pure Python, no external deps)
 │   ├── models.py            # Domain dataclasses (Bounty, Tracking)
 │   ├── ports.py             # Port interfaces
 │   └── services.py          # Domain services
 ├── adapters/                # Infrastructure adapters
 │   └── storage/
 │       └── json_file.py     # JSON file storage implementation
 ├── apps/
-│   └── telegram-bot/   ← first app (Python)
+│   └── telegram-bot/        # Telegram bot CLI application
-│       ├── bot.py
+│       ├── bot.py            # Bot entry point
-│       ├── commands.py
+│       └── commands.py       # Command handlers
-│       ├── cron.py
+├── tests/                   # Unit tests
-│       ├── db.py
+├── config.py               # Configuration management
-│       └── requirements.txt
+└── SPEC.md                 # Full design specification
-└── SPEC.md             ← full design specification
+```
 ## Quick Start
 ```bash
 # Install dependencies
 pip install -r apps/telegram-bot/requirements.txt
 # Set bot token
 export JIGAIDO_BOT_TOKEN="your_bot_token"
 # Run bot
 python -m apps.telegram-bot.bot
 ```
 ## License
--- a/SPEC.md
+++ b/SPEC.md
@@ -8,7 +8,7 @@
 JIGAIDO is a Telegram bot that lets groups and individuals track bounties — tasks, obligations, and deadlines — with optional due dates and personal tracking.
- **Group mode**: Each Telegram group has its own bounty list. Anyone can add bounties. Only creator can edit/delete.
+- **Group mode**: Each Telegram group has its own bounty list. Admins can add/edit/delete bounties. Anyone can track.
 - **DM mode**: Personal bounty list. Anyone can manage their own bounties.
 - **Tracking**: Users can track any bounty (group or personal) to their tracking list.
 - **Due dates**: Free-form text (`"april 15"`, `"in 3 days"`, `"tomorrow"`) parsed at add time, stored as Unix timestamp. If unparseable, stored as `NULL`.
@@ -20,7 +20,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 ### Stack
 - **Bot**: `python-telegram-bot` (pure Python, no C extensions)
- **Storage**: Per-group JSON files (zero-setup, no DB server)
+- **Storage**: Per-group JSON files via `adapters/storage/json_file.py`
 - **Date parsing**: `dateparser`
 - **Runtime**: Python 3.10+
 - **Deployment**: Any $5 VPS with Python 3.10+
@@ -28,19 +28,40 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 ### Directory Structure
 ```
-~/.jigaido/                          # Data root (~/.jigaido/)
+jigaido/
-├── {group_id}/
+├── core/                    # Domain layer
-│   ├── group.json                  # Group bounties
+│   ├── models.py            # Domain dataclasses (Bounty, Tracking)
-│   └── {user_id}.json              # User tracking within this group
+│   ├── ports.py             # Port interfaces (abstract base classes)
-└── {user_id}/
+│   └── services.py          # Domain services (BountyService, TrackingService)
-    └── user.json                    # User's personal bounties (DM mode)
+├── adapters/                # Infrastructure adapters
 │   └── storage/
 │       └── json_file.py     # JSON file storage implementation
 ├── apps/
 │   └── telegram-bot/        # Telegram bot CLI application
 │       ├── bot.py            # Bot entry point
 │       └── commands.py       # Command handlers
 ├── config.py               # Configuration management
 └── tests/                  # Unit tests
 ```
-**Note:** Data directory is at `~/.jigaido/` (home directory), NOT inside the repository or app directory.
+### Hexagonal Architecture
-### Storage Design
+- **Core** (`core/`): Pure domain logic, no external dependencies
  - `models.py`: Domain dataclasses
  - `ports.py`: Abstract interfaces for storage
  - `services.py`: Business logic
-**File: `data/{group_id}/group.json`**
+- **Adapters** (`adapters/`): Implementations of ports
  - `storage/json_file.py`: JSON file-based storage
 - **Apps** (`apps/`): CLI applications
  - `telegram-bot/`: Telegram bot interface
 ### Data Storage
 Data is stored at `~/.jigaido/` (home directory), NOT inside the repository.
 **File: `~/.jigaido/{group_id}/group.json`**
 ```json
 {
@@ -58,7 +79,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 }
 ```
-**File: `data/{group_id}/{user_id}.json`**
+**File: `~/.jigaido/{group_id}/{user_id}.json`**
 ```json
 {
@@ -68,7 +89,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 }
 ```
-**File: `data/{user_id}/user.json`**
+**File: `~/.jigaido/{user_id}/user.json`**
 ```json
 {
@@ -87,10 +108,10 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 **Key design decisions:**
-1. **Group-isolated storage** — Each group has its own directory. No cross-group access.
+1. **Hexagonal architecture** — Core domain is isolated from infrastructure
-2. **Bounty IDs are sequential per group.json** — Not global. Each group's file has its own ID counter.
+2. **Group-isolated storage** — Each group has its own directory. No cross-group access.
-3. **Atomic writes** — Uses `tempfile` + `rename` for safe writes.
+3. **Bounty IDs are sequential per group.json** — Not global. Each group's file has its own ID counter.
-4. **No reminders in v1** — Dropped for simplicity.
+4. **Atomic writes** — Uses `tempfile` + `rename` for safe writes.
 ---
 ## Commands
@@ -101,9 +122,9 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 |---|---|---|
 | `/bounty` | anyone | List all bounties in this group |
 | `/my` | anyone | List bounties tracked by you in this group |
-| `/add <text> [link] [due date]` | anyone | Add a new bounty to the group |
+| `/add <text> [link] [due date]` | admin only | Add a new bounty to the group |
-| `/update <bounty_id> [text] [link] [due_date]` | creator only | Update an existing bounty |
+| `/edit <bounty_id> [text] [link] [due_date]` | admin only | Edit an existing bounty |
-| `/delete <bounty_id>` | creator only | Delete a bounty |
+| `/delete <bounty_id>` | admin only | Delete a bounty |
 | `/track <bounty_id>` | anyone | Track a group bounty |
 | `/untrack <bounty_id>` | anyone | Stop tracking a bounty |
@@ -114,7 +135,7 @@ JIGAIDO is a Telegram bot that lets groups and individuals track bounties — ta
 | `/bounty` | List all your personal bounties |
 | `/my` | List all your personal bounties |
 | `/add <text> [link] [due date]` | Add a personal bounty |
-| `/update <bounty_id> [text] [link] [due_date]` | Update a personal bounty |
+| `/edit <bounty_id> [text] [link] [due_date]` | Edit a personal bounty |
 | `/delete <bounty_id>` | Delete a personal bounty |
 | `/track <bounty_id>` | Track a personal bounty |
@@ -149,7 +170,7 @@ Stored as Unix timestamp. User-facing display can be localized/converted to any
 ## Error Handling
 - Unknown command → help text with available commands
- `/update`/`/delete` by non-creator → "⛔ Only the creator can edit/delete this bounty."
+- `/add`/`/edit`/`/delete` by non-admin → "⛔ Only admins can add/edit/delete bounties."
 - `/track` already tracked → "Already tracking" (idempotent)
 - `/untrack` not tracked → "Not tracking" (idempotent)
 - Bounty not found → "Bounty not found"
--- a/adapters/storage/json_file.py
+++ b/adapters/storage/json_file.py
@@ -11,8 +11,7 @@ import os
 import tempfile
 from pathlib import Path
-from core.models import Bounty, RoomData, TrackingData, TrackedBounty
+from core.models import Bounty, Category, RoomData, TrackingData, TrackedBounty
 from core.ports import RoomStorage, TrackingStorage
 class JsonFileRoomStorage:
@@ -56,14 +55,30 @@ class JsonFileRoomStorage:
                due_date_ts=b.get("due_date_ts"),
                created_at=b["created_at"],
                created_by_user_id=b["created_by_user_id"],
                deleted_at=b.get("deleted_at"),
                created_by_username=b.get("created_by_username"),
                category_ids=b.get("category_ids", []),
            )
            for b in data.get("bounties", [])
        ]
        categories = [
            Category(
                id=c["id"],
                name=c["name"],
                created_at=c["created_at"],
                deleted_at=c.get("deleted_at"),
            )
            for c in data.get("categories", [])
        ]
        return RoomData(
            room_id=data["room_id"],
            bounties=bounties,
            next_id=data["next_id"],
            timezone=data.get("timezone"),
            admin_usernames=data.get("admin_usernames", []),
            categories=categories,
        )
    def save(self, room_data: RoomData) -> None:
@@ -71,6 +86,17 @@ class JsonFileRoomStorage:
        data = {
            "room_id": room_data.room_id,
            "next_id": room_data.next_id,
            "timezone": room_data.timezone,
            "admin_usernames": room_data.admin_usernames or [],
            "categories": [
                {
                    "id": c.id,
                    "name": c.name,
                    "created_at": c.created_at,
                    "deleted_at": c.deleted_at,
                }
                for c in room_data.categories
            ],
            "bounties": [
                {
                    "id": b.id,
@@ -79,6 +105,9 @@ class JsonFileRoomStorage:
                    "due_date_ts": b.due_date_ts,
                    "created_at": b.created_at,
                    "created_by_user_id": b.created_by_user_id,
                    "deleted_at": b.deleted_at,
                    "created_by_username": b.created_by_username,
                    "category_ids": b.category_ids,
                }
                for b in room_data.bounties
            ],
@@ -111,15 +140,6 @@ class JsonFileRoomStorage:
        self.save(room_data)
    def delete_bounty(self, room_id: int, bounty_id: int) -> None:
        """Delete a bounty from a room."""
        room_data = self.load(room_id)
        if room_data is None:
            return
        room_data.bounties = [b for b in room_data.bounties if b.id != bounty_id]
        self.save(room_data)
    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
        """Get a specific bounty from a room by ID."""
        room_data = self.load(room_id)
@@ -132,6 +152,35 @@ class JsonFileRoomStorage:
        return None
    def list_bounties(self, room_id: int) -> list[Bounty]:
        """List all non-deleted bounties in a room.
        This is the default method for normal queries - soft-deleted bounties
        are excluded from results.
        """
        room_data = self.load(room_id)
        if room_data is None:
            return []
        return [b for b in room_data.bounties if b.deleted_at is None]
    def list_all_bounties(
        self, room_id: int, include_deleted: bool = True
    ) -> list[Bounty]:
        """List all bounties including or excluding soft-deleted.
        Args:
            room_id: The room ID
            include_deleted: If True, return all bounties including soft-deleted.
                           If False, return only non-deleted bounties.
                           Defaults to True for /recover functionality.
        """
        room_data = self.load(room_id)
        if room_data is None:
            return []
        if include_deleted:
            return room_data.bounties
        return [b for b in room_data.bounties if b.deleted_at is None]
 class JsonFileTrackingStorage:
    """TrackingStorage implementation using JSON files.
--- a/apps/telegram-bot/bot.py
+++ b/apps/telegram-bot/bot.py
@@ -1,18 +1,34 @@
 """JIGAIDO Telegram bot entrypoint."""
 import logging
 import os
 import sys
-from telegram import Update
+sys.path.insert(0, "/home/shoko/repositories/jigaido")
 from telegram.ext import (
    Application,
    CommandHandler,
-    MessageHandler,
+    CallbackQueryHandler,
    filters,
 )
-import commands
+from commands import (
    cmd_add,
    cmd_admin,
    cmd_bounty,
    cmd_category,
    cmd_delete,
    cmd_delete_message,
    cmd_edit,
    cmd_help,
    cmd_my,
    cmd_recover,
    cmd_show,
    cmd_start,
    cmd_timezone,
    cmd_track,
    cmd_untrack,
    cmd_update,
 )
 logging.basicConfig(
    format="%(asctime)s %(levelname)s %(name)s: %(message)s",
@@ -20,23 +36,37 @@ logging.basicConfig(
 )
 log = logging.getLogger(__name__)
-BOT_TOKEN = os.environ.get("JIGAIDO_BOT_TOKEN", "")
+from config import config  # noqa: E402
 BOT_TOKEN = config.bot_token or ""
 async def error_handler(update, context):
    log.error(f"Error: {context.error}")
 def build_app() -> Application:
    app = Application.builder().token(BOT_TOKEN).build()
-    app.add_handler(CommandHandler("start", commands.cmd_start))
+    app.add_handler(CommandHandler("start", cmd_start))
-    app.add_handler(CommandHandler("help", commands.cmd_help))
+    app.add_handler(CommandHandler("help", cmd_help))
-    app.add_handler(CommandHandler("bounty", commands.cmd_bounty))
+    app.add_handler(CommandHandler("bounty", cmd_bounty))
-    app.add_handler(CommandHandler("my", commands.cmd_my))
+    app.add_handler(CommandHandler("my", cmd_my))
-    app.add_handler(CommandHandler("add", commands.cmd_add))
+    app.add_handler(CommandHandler("add", cmd_add))
-    app.add_handler(CommandHandler("update", commands.cmd_update))
+    app.add_handler(CommandHandler("edit", cmd_edit))
-    app.add_handler(CommandHandler("delete", commands.cmd_delete))
+    app.add_handler(CommandHandler("update", cmd_update))
-    app.add_handler(CommandHandler("track", commands.cmd_track))
+    app.add_handler(CommandHandler("delete", cmd_delete))
-    app.add_handler(CommandHandler("untrack", commands.cmd_untrack))
+    app.add_handler(CommandHandler("track", cmd_track))
    app.add_handler(CommandHandler("untrack", cmd_untrack))
    app.add_handler(CommandHandler("show", cmd_show))
    app.add_handler(CommandHandler("timezone", cmd_timezone))
    app.add_handler(CommandHandler("admin", cmd_admin))
    app.add_handler(CommandHandler("recover", cmd_recover))
    app.add_handler(CommandHandler("category", cmd_category))
-    app.add_handler(MessageHandler(filters.COMMAND, commands.cmd_help))
+    app.add_handler(CallbackQueryHandler(cmd_delete_message))
    app.add_error_handler(error_handler)
    return app
@@ -47,14 +77,22 @@ async def post_init(app: Application) -> None:
            ("bounty", "List bounties"),
            ("my", "Your tracked bounties"),
            ("add", "Add a bounty"),
            ("edit", "Edit a bounty"),
            ("track", "Track a bounty"),
            ("untrack", "Stop tracking"),
            ("show", "Show bounty details"),
            ("timezone", "Get/set room timezone"),
            ("admin", "Manage admins"),
            ("recover", "Recover deleted bounties"),
            ("category", "Manage categories"),
            ("help", "Show help"),
        ]
    )
 def main() -> None:
    import asyncio
    if not BOT_TOKEN:
        log.error("JIGAIDO_BOT_TOKEN environment variable not set.")
        sys.exit(1)
@@ -63,6 +101,11 @@ def main() -> None:
    app.post_init = post_init
    log.info("JIGAIDO starting...")
    # Python 3.14 compatibility: ensure event loop exists
    try:
        asyncio.get_event_loop()
    except RuntimeError:
        asyncio.set_event_loop(asyncio.new_event_loop())
    app.run_polling(drop_pending_updates=True)
--- a/apps/telegram-bot/commands.py
+++ b/apps/telegram-bot/commands.py
--- a/apps/telegram-bot/requirements-dev.txt
+++ b/apps/telegram-bot/requirements-dev.txt
@@ -1,4 +0,0 @@
 python-telegram-bot==21.6
 dateparser==1.2.0
 pytest==8.3.5
 pytest-asyncio==0.25.2
--- a/apps/telegram-bot/run_bot.py
+++ b/apps/telegram-bot/run_bot.py
@@ -0,0 +1,28 @@
 #!/usr/bin/env python3
 import asyncio
 import os
 import sys
 # Run from the telegram-bot directory so local imports work
 os.chdir("/home/shoko/repositories/jigaido/apps/telegram-bot")
 sys.path.insert(0, "/home/shoko/repositories/jigaido")
 # Import main from the local bot module
 import bot as bot_module  # noqa: E402
 if __name__ == "__main__":
    if not bot_module.BOT_TOKEN:
        bot_module.log.error("JIGAIDO_BOT_TOKEN environment variable not set.")
        sys.exit(1)
    app = bot_module.build_app()
    app.post_init = bot_module.post_init
    bot_module.log.info("JIGAIDO starting...")
    # PTB v20+ app.run_polling() is async - use asyncio.get_event_loop() + run_until_complete
    loop = asyncio.new_event_loop()
    asyncio.set_event_loop(loop)
    try:
        loop.run_until_complete(app.run_polling(drop_pending_updates=True))
    finally:
        loop.close()
--- a/apps/telegram-bot/storage.py
+++ b/apps/telegram-bot/storage.py
@@ -1,216 +0,0 @@
 """Per-group JSON file storage for JIGAIDO."""
 import json
 import os
 import tempfile
 from pathlib import Path
 from typing import Optional
 DATA_DIR = Path.home() / ".jigaido"
 def _ensure_dirs() -> None:
    DATA_DIR.mkdir(parents=True, exist_ok=True)
 def _group_dir(group_id: int) -> Path:
    return DATA_DIR / str(group_id)
 def _user_personal_dir(user_id: int) -> Path:
    return DATA_DIR / str(user_id)
 def _group_file(group_id: int) -> Path:
    return _group_dir(group_id) / "group.json"
 def _user_tracking_file(group_id: int, user_id: int) -> Path:
    return _group_dir(group_id) / f"{user_id}.json"
 def _user_personal_file(user_id: int) -> Path:
    return _user_personal_dir(user_id) / "user.json"
 def _atomic_write(path: Path, data: dict) -> None:
    path.parent.mkdir(parents=True, exist_ok=True)
    with tempfile.NamedTemporaryFile(mode="w", dir=path.parent, delete=False) as tmp:
        json.dump(data, tmp, indent=2)
        tmp_path = tmp.name
    os.rename(tmp_path, path)
 def load_group_bounties(group_id: int) -> dict:
    _ensure_dirs()
    path = _group_file(group_id)
    if not path.exists():
        return {"bounties": [], "next_id": 1}
    with open(path) as f:
        return json.load(f)
 def save_group_bounties(group_id: int, data: dict) -> None:
    _atomic_write(_group_file(group_id), data)
 def add_group_bounty(
    group_id: int,
    created_by_user_id: int,
    text: Optional[str],
    link: Optional[str],
    due_date_ts: Optional[int],
 ) -> dict:
    data = load_group_bounties(group_id)
    bounty = {
        "id": data["next_id"],
        "created_by_user_id": created_by_user_id,
        "text": text,
        "link": link,
        "due_date_ts": due_date_ts,
        "created_at": int(os.path.getctime(_group_file(group_id)))
        if _group_file(group_id).exists()
        else 0,
    }
    data["bounties"].append(bounty)
    data["next_id"] += 1
    save_group_bounties(group_id, data)
    return bounty
 def update_group_bounty(
    group_id: int,
    bounty_id: int,
    text: Optional[str],
    link: Optional[str],
    due_date_ts: Optional[int],
 ) -> bool:
    data = load_group_bounties(group_id)
    for bounty in data["bounties"]:
        if bounty["id"] == bounty_id:
            if text is not None:
                bounty["text"] = text
            if link is not None:
                bounty["link"] = link
            if due_date_ts is not None:
                bounty["due_date_ts"] = due_date_ts
            save_group_bounties(group_id, data)
            return True
    return False
 def delete_group_bounty(group_id: int, bounty_id: int) -> bool:
    data = load_group_bounties(group_id)
    for i, bounty in enumerate(data["bounties"]):
        if bounty["id"] == bounty_id:
            data["bounties"].pop(i)
            save_group_bounties(group_id, data)
            return True
    return False
 def get_group_bounty(group_id: int, bounty_id: int) -> Optional[dict]:
    data = load_group_bounties(group_id)
    for bounty in data["bounties"]:
        if bounty["id"] == bounty_id:
            return bounty
    return None
 def load_user_tracking(group_id: int, user_id: int) -> dict:
    path = _user_tracking_file(group_id, user_id)
    if not path.exists():
        return {"tracked": []}
    with open(path) as f:
        return json.load(f)
 def save_user_tracking(group_id: int, user_id: int, data: dict) -> None:
    _atomic_write(_user_tracking_file(group_id, user_id), data)
 def track_bounty(group_id: int, user_id: int, bounty_id: int) -> bool:
    data = load_user_tracking(group_id, user_id)
    if any(t["bounty_id"] == bounty_id for t in data["tracked"]):
        return False
    data["tracked"].append({"bounty_id": bounty_id})
    save_user_tracking(group_id, user_id, data)
    return True
 def untrack_bounty(group_id: int, user_id: int, bounty_id: int) -> bool:
    data = load_user_tracking(group_id, user_id)
    for i, t in enumerate(data["tracked"]):
        if t["bounty_id"] == bounty_id:
            data["tracked"].pop(i)
            save_user_tracking(group_id, user_id, data)
            return True
    return False
 def load_user_personal(user_id: int) -> dict:
    path = _user_personal_file(user_id)
    if not path.exists():
        return {"bounties": [], "next_id": 1}
    with open(path) as f:
        return json.load(f)
 def save_user_personal(user_id: int, data: dict) -> None:
    _atomic_write(_user_personal_file(user_id), data)
 def add_personal_bounty(
    user_id: int, text: Optional[str], link: Optional[str], due_date_ts: Optional[int]
 ) -> dict:
    data = load_user_personal(user_id)
    bounty = {
        "id": data["next_id"],
        "text": text,
        "link": link,
        "due_date_ts": due_date_ts,
        "created_at": 0,
    }
    data["bounties"].append(bounty)
    data["next_id"] += 1
    save_user_personal(user_id, data)
    return bounty
 def update_personal_bounty(
    user_id: int,
    bounty_id: int,
    text: Optional[str],
    link: Optional[str],
    due_date_ts: Optional[int],
 ) -> bool:
    data = load_user_personal(user_id)
    for bounty in data["bounties"]:
        if bounty["id"] == bounty_id:
            if text is not None:
                bounty["text"] = text
            if link is not None:
                bounty["link"] = link
            if due_date_ts is not None:
                bounty["due_date_ts"] = due_date_ts
            save_user_personal(user_id, data)
            return True
    return False
 def delete_personal_bounty(user_id: int, bounty_id: int) -> bool:
    data = load_user_personal(user_id)
    for i, bounty in enumerate(data["bounties"]):
        if bounty["id"] == bounty_id:
            data["bounties"].pop(i)
            save_user_personal(user_id, data)
            return True
    return False
 def get_personal_bounty(user_id: int, bounty_id: int) -> Optional[dict]:
    data = load_user_personal(user_id)
    for bounty in data["bounties"]:
        if bounty["id"] == bounty_id:
            return bounty
    return None
--- a/apps/telegram-bot/tests/conftest.py
+++ b/apps/telegram-bot/tests/conftest.py
@@ -1,27 +1,8 @@
 """Pytest fixtures for telegram-bot tests."""
 import sys
 import tempfile
 from pathlib import Path
 import pytest
-# Add the app directory to path so `import db` works when running pytest
+# Add the app directory to path so imports work when running pytest
 sys.path.insert(0, str(Path(__file__).parent.parent))
@pytest.fixture(autouse=True)
 def fresh_db(monkeypatch):
    """Replace DB_PATH with a temp file before any test runs."""
    import db as _db
    tmp = tempfile.NamedTemporaryFile(suffix=".db", delete=False)
    tmp_path = Path(tmp.name)
    tmp.close()
    monkeypatch.setattr(_db, "DB_PATH", tmp_path)
    _db.init_db()
    yield tmp_path
    tmp_path.unlink(missing_ok=True)
--- a/apps/telegram-bot/tests/test_commands.py
+++ b/apps/telegram-bot/tests/test_commands.py
@@ -1,11 +1,33 @@
-"""Tests for commands.py — parsing and formatting functions only."""
+"""Tests for commands.py — parsing, formatting, and command handlers."""
 import time
-from unittest.mock import MagicMock
+from unittest.mock import MagicMock, patch, AsyncMock
 import pytest
-from commands import extract_args, parse_args, format_bounty
+from telegram import Update, Message, User, Chat
 from telegram.ext import ContextTypes
 from commands import (
    extract_args,
    parse_args,
    format_bounty,
    cmd_bounty,
    cmd_my,
    cmd_add,
    cmd_update,
    cmd_delete,
    cmd_track,
    cmd_untrack,
    cmd_start,
    cmd_help,
    is_group,
    get_group_id,
    get_user_id,
    get_room_id,
    BOUNTY_SERVICE,
    TRACKING_SERVICE,
 )
 class TestExtractArgs:
@@ -30,75 +52,97 @@ class TestExtractArgs:
 class TestParseArgs:
    def test_text_only(self):
-        text, link, due = parse_args(["hello", "world"])
+        text, link, due, _, _ = parse_args(["hello", "world"])
        assert text == "hello world"
        assert link is None
        assert due is None
    def test_link_extracted(self):
-        text, link, due = parse_args(["hello", "https://example.com"])
+        text, link, due, _, _ = parse_args(["hello", "https://example.com"])
        # "hello" is non-link non-date → becomes text; only the URL becomes link
        assert text == "hello"
        assert link == "https://example.com"
        assert due is None
    def test_text_and_link(self):
-        text, link, due = parse_args(["hello", "world", "https://example.com"])
+        text, link, due, _, _ = parse_args(["hello", "world", "https://example.com"])
        assert text == "hello world"
        assert link == "https://example.com"
    def test_due_date_parsed(self):
-        text, link, due = parse_args(["hello", "tomorrow"])
+        text, link, due, _, _ = parse_args(["hello", "tomorrow"])
        assert text == "hello"
        assert due is not None
        # Should be some time in the future
        assert due > int(time.time())
    def test_all_three(self):
-        text, link, due = parse_args(["hello", "https://example.com", "tomorrow"])
+        text, link, due, _, _ = parse_args(["hello", "https://example.com", "tomorrow"])
        assert text == "hello"
        assert link == "https://example.com"
        assert due is not None
    def test_http_and_https_both_detected(self):
-        _, link1, _ = parse_args(["http://example.com"])
+        _, link1, _, _, _ = parse_args(["http://example.com"])
-        _, link2, _ = parse_args(["https://example.com"])
+        _, link2, _, _, _ = parse_args(["https://example.com"])
        assert link1 == "http://example.com"
        assert link2 == "https://example.com"
    def test_non_url_non_date_becomes_text(self):
-        text, link, due = parse_args(["fix", "the", "bug"])
+        text, link, due, _, _ = parse_args(["fix", "the", "bug"])
        assert text == "fix the bug"
        assert link is None
        assert due is None
    def test_multiple_links_first_only(self):
-        _, link, _ = parse_args(["text", "https://first.com", "https://second.com"])
+        _, link, _, _, _ = parse_args(["text", "https://first.com", "https://second.com"])
        assert link == "https://first.com"
    def test_due_date_after_link(self):
-        text, link, due = parse_args(["task", "https://example.com", "in 5 days"])
+        text, link, due, _, _ = parse_args(["task", "https://example.com", "in 5 days"])
        assert text == "task"
        assert link == "https://example.com"
        assert due is not None
    def test_empty_args(self):
-        text, link, due = parse_args([])
+        text, link, due, _, _ = parse_args([])
        assert text is None
        assert link is None
        assert due is None
    def test_date_parser_failure_returns_none(self):
        # "asdfjkl" is not parseable → goes to text
-        text, link, due = parse_args(["hello", "asdfjkl"])
+        text, link, due, _, _ = parse_args(["hello", "asdfjkl"])
        assert text == "hello asdfjkl"
        assert due is None
    def test_link_takes_first_match(self):
        # Even if it's not a valid URL, starts with https://
-        _, link, _ = parse_args(["skip", "https://not-real.but-still-a-link"])
+        _, link, _, _, _ = parse_args(["skip", "https://not-real.but-still-a-link"])
        assert link == "https://not-real.but-still-a-link"
    def test_url_without_scheme_normalized_to_https(self):
        """URLs without scheme should get https:// prefix."""
        _, link, _, _, _ = parse_args(["github.com/user/repo"])
        assert link == "https://github.com/user/repo"
    def test_url_without_scheme_github_normalized(self):
        text, link, _, _, _ = parse_args(["Fix bug", "github.com/owner/repo"])
        assert text == "Fix bug"
        assert link == "https://github.com/owner/repo"
    def test_url_with_explicit_https_unchanged(self):
        _, link, _, _, _ = parse_args(["task", "https://example.com/page"])
        assert link == "https://example.com/page"
    def test_url_with_http_unchanged(self):
        _, link, _, _, _ = parse_args(["task", "http://example.com/page"])
        assert link == "http://example.com/page"
    def test_url_link_flag_without_scheme_normalized(self):
        _, link, _, _, _ = parse_args(["-link", "example.com/path"])
        assert link == "https://example.com/path"
 class TestFormatBounty:
    def _row(
@@ -110,13 +154,11 @@ class TestFormatBounty:
        created_by_user_id=123456,
    ):
        row = MagicMock()
-        row.__getitem__ = lambda s, k: {
+        row.id = id
-            "id": id,
+        row.text = text
-            "text": text,
+        row.link = link
-            "link": link,
+        row.due_date_ts = due_date_ts
-            "due_date_ts": due_date_ts,
+        row.created_by_user_id = created_by_user_id
            "created_by_user_id": created_by_user_id,
        }[k]
        return row
    def test_shows_id(self):
@@ -168,3 +210,377 @@ class TestFormatBounty:
        b = self._row(created_by_user_id=999)
        out = format_bounty(b)
        assert "999" in out
 def create_mock_update(
    user_id=123,
    chat_id=-456,
    chat_type="group",
    message_text="/bounty",
 ):
    """Create a mock Telegram Update with common values."""
    user = MagicMock(spec=User)
    user.id = user_id
    chat = MagicMock(spec=Chat)
    chat.id = chat_id
    chat.type = chat_type
    message = MagicMock(spec=Message)
    message.text = message_text
    message.reply_text = AsyncMock()
    message.user = user
    update = MagicMock(spec=Update)
    update.effective_user = user
    update.effective_chat = chat
    update.message = message
    return update
 class TestHelperFunctions:
    """Test helper functions."""
    def test_is_group_true(self):
        update = create_mock_update(chat_type="group")
        assert is_group(update) is True
    def test_is_group_false_for_private(self):
        update = create_mock_update(chat_type="private")
        assert is_group(update) is False
    def test_get_group_id(self):
        update = create_mock_update(chat_id=-789)
        assert get_group_id(update) == -789
    def test_get_user_id(self):
        update = create_mock_update(user_id=999)
        assert get_user_id(update) == 999
    def test_get_room_id_group(self):
        update = create_mock_update(chat_id=-456, chat_type="group", user_id=123)
        assert get_room_id(update) == -456
    def test_get_room_id_private(self):
        update = create_mock_update(chat_id=123, chat_type="private", user_id=123)
        assert get_room_id(update) == 123
 class TestCmdBounty:
    """Test cmd_bounty command."""
    @pytest.mark.asyncio
    async def test_lists_bounties(self):
        update = create_mock_update()
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        mock_bounty = MagicMock()
        mock_bounty.id = 1
        mock_bounty.text = "Test"
        mock_bounty.link = None
        mock_bounty.due_date_ts = None
        mock_bounty.created_by_user_id = 123
        with patch.object(
            BOUNTY_SERVICE, "list_bounties", return_value=[mock_bounty]
        ) as mock_list:
            await cmd_bounty(update, ctx)
            mock_list.assert_called_once_with(-456)
            update.message.reply_text.assert_called_once()
            call_args = update.message.reply_text.call_args[0][0]
            assert "[#1]" in call_args
            assert "Test" in call_args
    @pytest.mark.asyncio
    async def test_no_bounties(self):
        update = create_mock_update()
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(BOUNTY_SERVICE, "list_bounties", return_value=[]):
            await cmd_bounty(update, ctx)
            update.message.reply_text.assert_called_once_with("No bounties yet.")
 class TestCmdMy:
    """Test cmd_my command."""
    @pytest.mark.asyncio
    async def test_in_group_shows_tracked(self):
        update = create_mock_update(chat_type="group")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        mock_bounty = MagicMock()
        mock_bounty.id = 1
        mock_bounty.text = "Tracked"
        mock_bounty.link = None
        mock_bounty.due_date_ts = None
        mock_bounty.created_by_user_id = 123
        with patch.object(
            TRACKING_SERVICE, "get_tracked_bounties", return_value=[mock_bounty]
        ) as mock_track:
            await cmd_my(update, ctx)
            mock_track.assert_called_once_with(-456, 123)
            update.message.reply_text.assert_called_once()
    @pytest.mark.asyncio
    async def test_in_private_shows_personal(self):
        update = create_mock_update(chat_type="private", chat_id=123)
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        mock_bounty = MagicMock()
        mock_bounty.id = 2
        mock_bounty.text = "Personal"
        mock_bounty.link = None
        mock_bounty.due_date_ts = None
        mock_bounty.created_by_user_id = 123
        with patch.object(
            BOUNTY_SERVICE, "list_bounties", return_value=[mock_bounty]
        ) as mock_list:
            await cmd_my(update, ctx)
            mock_list.assert_called_once_with(123)
            update.message.reply_text.assert_called_once()
    @pytest.mark.asyncio
    async def test_no_bounties_tracked(self):
        update = create_mock_update(chat_type="group")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(TRACKING_SERVICE, "get_tracked_bounties", return_value=[]):
            await cmd_my(update, ctx)
            update.message.reply_text.assert_called_once_with(
                "You are not tracking any bounties."
            )
 class TestCmdAdd:
    """Test cmd_add command."""
    @pytest.mark.asyncio
    async def test_add_bounty_success(self):
        update = create_mock_update(message_text="/add Fix the bug")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        mock_bounty = MagicMock()
        mock_bounty.id = 42
        with patch.object(
            BOUNTY_SERVICE, "add_bounty", return_value=mock_bounty
        ) as mock_add:
            await cmd_add(update, ctx)
            mock_add.assert_called_once()
            call_kwargs = mock_add.call_args[1]
            assert call_kwargs["room_id"] == -456
            assert call_kwargs["user_id"] == 123
            assert call_kwargs["text"] == "Fix the bug"
            update.message.reply_text.assert_called_once()
            assert "✅" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_add_without_args(self):
        update = create_mock_update(message_text="/add")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_add(update, ctx)
        update.message.reply_text.assert_called_once()
        assert "Usage" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_add_needs_text_or_link(self):
        update = create_mock_update(message_text="/add")
        _, link, _ = parse_args([])
        if not "test" and not link:
            await update.message.reply_text("A bounty needs at least text or a link.")
            update.message.reply_text.assert_called_once()
 class TestCmdUpdate:
    """Test cmd_update command."""
    @pytest.mark.asyncio
    async def test_update_bounty_success(self):
        update = create_mock_update(message_text="/update 1 New text")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(
            BOUNTY_SERVICE, "update_bounty", return_value=True
        ) as mock_update:
            await cmd_update(update, ctx)
            mock_update.assert_called_once()
            call_kwargs = mock_update.call_args[1]
            assert call_kwargs["room_id"] == -456
            assert call_kwargs["bounty_id"] == 1
            assert call_kwargs["text"] == "New text"
            update.message.reply_text.assert_called_once()
            assert "✅" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_update_without_args(self):
        update = create_mock_update(message_text="/update")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_update(update, ctx)
        update.message.reply_text.assert_called_once()
        assert "Usage" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_update_invalid_id(self):
        update = create_mock_update(message_text="/update abc")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_update(update, ctx)
        update.message.reply_text.assert_called_once_with("Invalid bounty ID.")
    @pytest.mark.asyncio
    async def test_update_permission_denied(self):
        update = create_mock_update(message_text="/update 1 new text")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(
            BOUNTY_SERVICE,
            "update_bounty",
            side_effect=PermissionError("Not your bounty"),
        ):
            await cmd_update(update, ctx)
            update.message.reply_text.assert_called_once()
            assert "⛔" in update.message.reply_text.call_args[0][0]
 class TestCmdDelete:
    """Test cmd_delete command."""
    @pytest.mark.asyncio
    async def test_delete_bounty_success(self):
        update = create_mock_update(message_text="/delete 1")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(
            BOUNTY_SERVICE, "delete_bounty", return_value=True
        ) as mock_delete:
            await cmd_delete(update, ctx)
            mock_delete.assert_called_once_with(room_id=-456, bounty_id=1, user_id=123)
            update.message.reply_text.assert_called_once()
            assert "✅" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_delete_without_args(self):
        update = create_mock_update(message_text="/delete")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_delete(update, ctx)
        update.message.reply_text.assert_called_once()
        assert "Usage" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_delete_invalid_id(self):
        update = create_mock_update(message_text="/delete abc")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_delete(update, ctx)
        update.message.reply_text.assert_called_once_with("Invalid bounty ID.")
 class TestCmdTrack:
    """Test cmd_track command."""
    @pytest.mark.asyncio
    async def test_track_in_group(self):
        update = create_mock_update(chat_type="group", message_text="/track 1")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(
            TRACKING_SERVICE, "track_bounty", return_value=True
        ) as mock_track:
            await cmd_track(update, ctx)
            mock_track.assert_called_once_with(-456, 123, 1)
            update.message.reply_text.assert_called_once()
            assert "✅" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_track_not_in_group(self):
        update = create_mock_update(chat_type="private", message_text="/track 1")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_track(update, ctx)
        update.message.reply_text.assert_called_once()
        assert "⛔" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_track_without_args(self):
        update = create_mock_update(chat_type="group", message_text="/track")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_track(update, ctx)
        update.message.reply_text.assert_called_once()
        assert "Usage" in update.message.reply_text.call_args[0][0]
 class TestCmdUntrack:
    """Test cmd_untrack command."""
    @pytest.mark.asyncio
    async def test_untrack_in_group(self):
        update = create_mock_update(chat_type="group", message_text="/untrack 1")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        with patch.object(
            TRACKING_SERVICE, "untrack_bounty", return_value=True
        ) as mock_untrack:
            await cmd_untrack(update, ctx)
            mock_untrack.assert_called_once_with(-456, 123, 1)
            update.message.reply_text.assert_called_once()
            assert "✅" in update.message.reply_text.call_args[0][0]
    @pytest.mark.asyncio
    async def test_untrack_not_in_group(self):
        update = create_mock_update(chat_type="private", message_text="/untrack 1")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_untrack(update, ctx)
        update.message.reply_text.assert_called_once()
        assert "⛔" in update.message.reply_text.call_args[0][0]
 class TestCmdStart:
    """Test cmd_start command."""
    @pytest.mark.asyncio
    async def test_start_in_group(self):
        update = create_mock_update(chat_type="group")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_start(update, ctx)
        update.message.reply_text.assert_called_once()
        text = update.message.reply_text.call_args[0][0]
        assert "👻" in text
        assert "/bounty" in text
    @pytest.mark.asyncio
    async def test_start_in_private(self):
        update = create_mock_update(chat_type="private")
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_start(update, ctx)
        update.message.reply_text.assert_called_once()
        text = update.message.reply_text.call_args[0][0]
        assert "👻" in text
        assert "/my" in text
 class TestCmdHelp:
    """Test cmd_help command."""
    @pytest.mark.asyncio
    async def test_help_shows_commands(self):
        update = create_mock_update()
        ctx = MagicMock(spec=ContextTypes.DEFAULT_TYPE)
        await cmd_help(update, ctx)
        update.message.reply_text.assert_called_once()
        text = update.message.reply_text.call_args[0][0]
        assert "/bounty" in text
        assert "/add" in text
        assert "/help" in text
--- a/apps/telegram-bot/init.py
+++ b/apps/telegram-bot/init.py
--- a/cli/main.py
+++ b/cli/main.py
@@ -0,0 +1,250 @@
 """JIGAIDO CLI - Command line interface for bounty tracking."""
 import argparse
 import sys
 import dateparser
 from adapters.storage.json_file import JsonFileRoomStorage, JsonFileTrackingStorage
 from config import Config
 from core.services import BountyService, TrackingService
 def parse_due_date(due_str: str | None) -> int | None:
    """Parse due date string to Unix timestamp."""
    if not due_str:
        return None
    parsed = dateparser.parse(due_str)
    if parsed:
        return int(parsed.timestamp())
    return None
 def create_services():
    """Create service instances with storage."""
    config = Config()
    config.ensure_data_dir()
    room_storage = JsonFileRoomStorage(config.data_dir / "room")
    tracking_storage = JsonFileTrackingStorage(config.data_dir / "tracking")
    bounty_service = BountyService(room_storage)
    tracking_service = TrackingService(tracking_storage, room_storage)
    return bounty_service, tracking_service
 def cmd_add(args):
    """Add a new bounty."""
    bounty_service, _ = create_services()
    due_ts = parse_due_date(args.due)
    bounty = bounty_service.add_bounty(
        room_id=args.group_id or args.user_id,
        user_id=args.user_id or 0,
        text=args.text,
        link=args.link,
        due_date_ts=due_ts,
    )
    print(f"Added bounty #{bounty.id}")
 def cmd_list(args):
    """List all bounties in a room."""
    bounty_service, _ = create_services()
    bounties = bounty_service.list_bounties(room_id=args.group_id or args.user_id)
    if not bounties:
        print("No bounties")
        return
    for b in bounties:
        due_str = (
            f", due: {dateparser.parse(str(b.due_date_ts)).strftime('%Y-%m-%d')}"
            if b.due_date_ts
            else ""
        )
        link_str = f", link: {b.link}" if b.link else ""
        print(f"#{b.id}: {b.text or '(no text)'}{link_str}{due_str}")
 def cmd_my(args):
    """List tracked bounties for a user."""
    _, tracking_service = create_services()
    room_id = args.group_id or args.user_id
    tracked = tracking_service.get_tracked_bounties(
        room_id=room_id, user_id=args.user_id
    )
    if not tracked:
        print("Not tracking any bounties")
        return
    for b in tracked:
        due_str = (
            f", due: {dateparser.parse(str(b.due_date_ts)).strftime('%Y-%m-%d')}"
            if b.due_date_ts
            else ""
        )
        link_str = f", link: {b.link}" if b.link else ""
        print(f"#{b.id}: {b.text or '(no text)'}{link_str}{due_str}")
 def cmd_update(args):
    """Update a bounty."""
    bounty_service, _ = create_services()
    due_ts = parse_due_date(args.due)
    try:
        success = bounty_service.update_bounty(
            room_id=args.group_id or args.user_id,
            bounty_id=args.bounty_id,
            user_id=args.user_id or 0,
            text=args.text,
            link=args.link,
            due_date_ts=due_ts,
            clear_link=args.clear_link,
            clear_due=args.clear_due,
        )
        if success:
            print(f"Updated bounty #{args.bounty_id}")
        else:
            print(f"Bounty #{args.bounty_id} not found", file=sys.stderr)
            sys.exit(1)
    except PermissionError as e:
        print(f"Error: {e}", file=sys.stderr)
        sys.exit(1)
 def cmd_delete(args):
    """Delete a bounty."""
    bounty_service, _ = create_services()
    try:
        success = bounty_service.delete_bounty(
            room_id=args.group_id or args.user_id,
            bounty_id=args.bounty_id,
            user_id=args.user_id or 0,
        )
        if success:
            print(f"Deleted bounty #{args.bounty_id}")
        else:
            print(f"Bounty #{args.bounty_id} not found", file=sys.stderr)
            sys.exit(1)
    except PermissionError as e:
        print(f"Error: {e}", file=sys.stderr)
        sys.exit(1)
 def cmd_track(args):
    """Track a bounty."""
    _, tracking_service = create_services()
    try:
        success = tracking_service.track_bounty(
            room_id=args.group_id,
            user_id=args.user_id,
            bounty_id=args.bounty_id,
        )
        if success:
            print(f"Tracking bounty #{args.bounty_id}")
        else:
            print(f"Already tracking bounty #{args.bounty_id}")
    except ValueError as e:
        print(f"Error: {e}", file=sys.stderr)
        sys.exit(1)
 def cmd_untrack(args):
    """Untrack a bounty."""
    _, tracking_service = create_services()
    success = tracking_service.untrack_bounty(
        room_id=args.group_id,
        user_id=args.user_id,
        bounty_id=args.bounty_id,
    )
    if success:
        print(f"Untracked bounty #{args.bounty_id}")
    else:
        print(f"Not tracking bounty #{args.bounty_id}", file=sys.stderr)
        sys.exit(1)
 def main():
    parser = argparse.ArgumentParser(
        prog="jigaido-cli", description="JIGAIDO bounty tracker CLI"
    )
    subparsers = parser.add_subparsers(dest="command", help="Commands")
    parser_add = subparsers.add_parser("add", help="Add a new bounty")
    parser_add.add_argument("text", help="Bounty description")
    parser_add.add_argument("--link", help="Optional link")
    parser_add.add_argument(
        "--due", help="Optional due date (e.g., 'tomorrow', 'in 3 days')"
    )
    parser_list = subparsers.add_parser("list", help="List all bounties")
    parser_my = subparsers.add_parser("my", help="List tracked bounties")
    parser_update = subparsers.add_parser("update", help="Update a bounty")
    parser_update.add_argument("bounty_id", type=int, help="Bounty ID to update")
    parser_update.add_argument("text", nargs="?", help="New description")
    parser_update.add_argument("--link", help="New link")
    parser_update.add_argument("--due", help="New due date")
    parser_update.add_argument("--clear-link", action="store_true", help="Clear link")
    parser_update.add_argument(
        "--clear-due", action="store_true", help="Clear due date"
    )
    parser_delete = subparsers.add_parser("delete", help="Delete a bounty")
    parser_delete.add_argument("bounty_id", type=int, help="Bounty ID to delete")
    parser_track = subparsers.add_parser("track", help="Track a bounty")
    parser_track.add_argument("bounty_id", type=int, help="Bounty ID to track")
    parser_untrack = subparsers.add_parser("untrack", help="Untrack a bounty")
    parser_untrack.add_argument("bounty_id", type=int, help="Bounty ID to untrack")
    for sp in [
        parser_add,
        parser_list,
        parser_my,
        parser_update,
        parser_delete,
        parser_track,
        parser_untrack,
    ]:
        sp.add_argument(
            "--group-id", type=int, help="Group context (use group room ID)"
        )
        sp.add_argument(
            "--user-id", type=int, help="User context (use Telegram user ID)"
        )
    args = parser.parse_args()
    if not args.command:
        parser.print_help()
        sys.exit(1)
    if not args.group_id and not args.user_id:
        print("Error: either --group-id or --user-id is required", file=sys.stderr)
        sys.exit(1)
    if args.command in ("add", "list", "my", "update", "delete"):
        if not (args.group_id or args.user_id):
            print("Error: --group-id or --user-id required", file=sys.stderr)
            sys.exit(1)
        if args.command == "add" and not args.text:
            print("Error: text is required for add", file=sys.stderr)
            sys.exit(1)
    command_map = {
        "add": cmd_add,
        "list": cmd_list,
        "my": cmd_my,
        "update": cmd_update,
        "delete": cmd_delete,
        "track": cmd_track,
        "untrack": cmd_untrack,
    }
    if args.command in command_map:
        command_map[args.command](args)
    else:
        print(f"Unknown command: {args.command}", file=sys.stderr)
        sys.exit(1)
 if __name__ == "__main__":
    main()
--- a/config.py
+++ b/config.py
@@ -13,7 +13,21 @@ class Config:
    def __init__(self):
        self.data_dir: Path = self._resolve_data_dir()
-        self.bot_token: Optional[str] = os.environ.get("JIGAIDO_BOT_TOKEN")
+        self.bot_token: Optional[str] = self._resolve_bot_token()
    def _resolve_bot_token(self) -> Optional[str]:
        env_token = os.environ.get("JIGAIDO_BOT_TOKEN")
        if env_token:
            return env_token
        config_file = Path("~/.jigaido/config.json").expanduser()
        if config_file.exists():
            with open(config_file) as f:
                config_data = json.load(f)
                if "JIGAIDO_BOT_TOKEN" in config_data:
                    return config_data["JIGAIDO_BOT_TOKEN"]
        return None
    def _resolve_data_dir(self) -> Path:
        env_dir = os.environ.get("JIGAIDO_DATA_DIR")
@@ -35,3 +49,6 @@ class Config:
 config = Config()
 config = Config()
--- a/core/models.py
+++ b/core/models.py
@@ -1,6 +1,20 @@
 """Domain dataclasses for JIGAIDO bounty tracker."""
-from dataclasses import dataclass
+from dataclasses import dataclass, field
@dataclass
 class Category:
    """A category for organizing bounties in a room.
    Categories are per-room and support soft delete.
    The id (slug) must be lowercase alphabetic only (e.g., "bug", "feature").
    """
    id: str  # slug: lowercase alphabetic only, e.g., "bug", "feature"
    name: str  # display name: e.g., "Bug", "Feature"
    created_at: int
    deleted_at: int | None = None  # soft delete
@dataclass
@@ -9,6 +23,11 @@ class Bounty:
    The created_by_user_id field always refers to the user who created the bounty.
    It does NOT indicate whether the bounty is a group or personal bounty.
    The deleted_at field indicates soft-delete: None means not deleted,
    a value means deleted at that Unix timestamp.
    The category_ids field lists category slugs associated with this bounty.
    """
    id: int
@@ -17,6 +36,9 @@ class Bounty:
    due_date_ts: int | None
    created_at: int
    created_by_user_id: int
    deleted_at: int | None = None
    created_by_username: str | None = None
    category_ids: list[str] = field(default_factory=list)
@dataclass
@@ -37,11 +59,24 @@ class RoomData:
    The room_id can be negative for Telegram groups or positive for DMs.
    The next_id field is used to generate unique bounty IDs within this room.
    The timezone field stores the room's timezone (e.g., "Asia/Jakarta"), default UTC+0.
    The admin_usernames field lists usernames who have admin privileges in this room.
    The categories field contains all categories for organizing bounties in this room.
    """
    room_id: int
    bounties: list[Bounty]
    next_id: int
    timezone: str | None = None
    admin_usernames: list[str] | None = None
    categories: list[Category] = field(default_factory=list)
    def __post_init__(self):
        if self.admin_usernames is None:
            self.admin_usernames = []
        if self.categories is None:
            self.categories = []
@dataclass
--- a/core/ports.py
+++ b/core/ports.py
@@ -32,14 +32,29 @@ class RoomStorage(Protocol):
        """Update an existing bounty in a room."""
        ...
    def delete_bounty(self, room_id: int, bounty_id: int) -> None:
        """Delete a bounty from a room."""
        ...
    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
        """Get a specific bounty from a room by ID."""
        ...
    def list_bounties(self, room_id: int) -> list[Bounty]:
        """List all non-deleted bounties in a room.
        Soft-deleted bounties (where deleted_at is not None) are excluded.
        """
        ...
    def list_all_bounties(
        self, room_id: int, include_deleted: bool = True
    ) -> list[Bounty]:
        """List all bounties including or excluding soft-deleted.
        Args:
            room_id: The room ID
            include_deleted: If True, return all bounties including soft-deleted.
                           If False, return only non-deleted bounties.
        """
        ...
@runtime_checkable
 class TrackingStorage(Protocol):
--- a/core/services.py
+++ b/core/services.py
@@ -3,7 +3,7 @@
 import time
 from typing import Optional
-from core.models import Bounty, RoomData, TrackedBounty, TrackingData
+from core.models import Bounty, Category, RoomData, TrackedBounty, TrackingData
 from core.ports import RoomStorage, TrackingStorage
@@ -15,20 +15,136 @@ class BountyService:
    - Positive room_id: DM/personal context (user's Telegram ID)
    This service handles both group and personal bounties through room_id.
    Permissions:
    - /add, /edit, /delete: admin only
    - /admin, /admin add, /admin remove: admin only
    - /bounty, /show, /track, /untrack, /my: everyone
    """
    def __init__(self, storage: RoomStorage):
        self._storage = storage
    def is_admin(self, room_id: int, username: str | None) -> bool:
        """Check if user is admin in a room by username."""
        if not username:
            return False
        room_data = self._storage.load(room_id)
        if room_data is None:
            return False
        return username in (room_data.admin_usernames or [])
    def add_admin(
        self, room_id: int, username: str, requesting_username: str | None
    ) -> None:
        """Add an admin to a room. Requires admin permission, or self-promotion if first admin."""
        room_data = self._storage.load(room_id)
        has_no_admins = room_data is None or not room_data.admin_usernames
        is_self_promotion = requesting_username == username
        if not self.is_admin(room_id, requesting_username):
            if not (has_no_admins and is_self_promotion):
                raise PermissionError("Only admins can add admins.")
        if room_data is None:
            room_data = RoomData(
                room_id=room_id, bounties=[], next_id=1, admin_usernames=[]
            )
        admin_usernames = room_data.admin_usernames
        if admin_usernames is None:
            admin_usernames = []
            room_data.admin_usernames = []
        if username in admin_usernames:
            raise ValueError(f"@{username} is already an admin.")
        admin_usernames.append(username)
        self._storage.save(room_data)
    def remove_admin(
        self, room_id: int, username: str, requesting_username: str | None
    ) -> None:
        """Remove an admin from a room. Requires admin permission."""
        if not self.is_admin(room_id, requesting_username):
            raise PermissionError("Only admins can remove admins.")
        room_data = self._storage.load(room_id)
        if room_data is None or not (room_data.admin_usernames or []):
            raise ValueError(f"@{username} is not an admin.")
        if username not in (room_data.admin_usernames or []):
            raise ValueError(f"@{username} is not an admin.")
        (room_data.admin_usernames or []).remove(username)
        self._storage.save(room_data)
    def list_admins(self, room_id: int) -> list[str]:
        """List all admin usernames in a room."""
        room_data = self._storage.load(room_id)
        if room_data is None:
            return []
        return list(room_data.admin_usernames or [])
    def set_timezone(
        self, room_id: int, timezone: str, requesting_username: str | None
    ) -> None:
        """Set the timezone for a room. Requires admin permission."""
        if not self.is_admin(room_id, requesting_username):
            raise PermissionError("Only admins can set timezone.")
        room_data = self._storage.load(room_id)
        if room_data is None:
            room_data = RoomData(
                room_id=room_id, bounties=[], next_id=1, admin_usernames=[]
            )
        room_data.timezone = timezone
        self._storage.save(room_data)
    def get_timezone(self, room_id: int) -> str:
        """Get the timezone for a room. Returns UTC+0 if not set."""
        room_data = self._storage.load(room_id)
        if room_data is None:
            return "UTC+0"
        return room_data.timezone or "UTC+0"
    def check_link_unique(
        self, room_id: int, link: str | None, exclude_bounty_id: int | None = None
    ) -> bool:
        """Check if a link is unique within a room (not used by another bounty)."""
        if not link:
            return True
        room_data = self._storage.load(room_id)
        if room_data is None:
            return True
        for bounty in room_data.bounties:
            if bounty.deleted_at is not None:
                continue
            if bounty.link == link and bounty.id != exclude_bounty_id:
                return False
        return True
    def add_bounty(
        self,
        room_id: int,
        user_id: int,
        username: str | None,
        text: Optional[str] = None,
        link: Optional[str] = None,
        due_date_ts: Optional[int] = None,
        created_by_username: Optional[str] = None,
    ) -> Bounty:
-        """Add a new bounty to the room."""
+        """Add a new bounty to the room. Requires admin permission."""
        if not self.is_admin(room_id, username):
            raise PermissionError("Only admins can add bounties.")
        if not self.check_link_unique(room_id, link):
            raise ValueError("A bounty with this link already exists in this room.")
        room_data = self._storage.load(room_id)
        if room_data is None:
            room_data = RoomData(room_id=room_id, bounties=[], next_id=1)
@@ -38,6 +154,7 @@ class BountyService:
        bounty = Bounty(
            id=room_data.next_id,
            created_by_user_id=user_id,
            created_by_username=created_by_username,
            text=text,
            link=link,
            due_date_ts=due_date_ts,
@@ -47,33 +164,81 @@ class BountyService:
        return bounty
    def list_bounties(self, room_id: int) -> list[Bounty]:
-        """List all bounties in a room."""
+        """List all non-deleted bounties in a room."""
-        room_data = self._storage.load(room_id)
+        return self._storage.list_bounties(room_id)
-        if room_data is None:
+
-            return []
+    def list_deleted_bounties(self, room_id: int) -> list[Bounty]:
-        return room_data.bounties
+        """List all soft-deleted bounties in a room. For /recover functionality."""
        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
        return [b for b in all_bounties if b.deleted_at is not None]
    def get_deleted_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
        """Get a specific soft-deleted bounty by ID."""
        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
        for b in all_bounties:
            if b.id == bounty_id and b.deleted_at is not None:
                return b
        return None
    def recover_bounty(self, room_id: int, bounty_id: int, username: str | None) -> str:
        """Recover a soft-deleted bounty. Admin only.
        Returns: 'recovered', 'not_found', 'not_deleted', 'permission_denied'
        """
        if not self.is_admin(room_id, username):
            return "permission_denied"
        bounty = self.get_deleted_bounty(room_id, bounty_id)
        if not bounty:
            return "not_found"
        if bounty.deleted_at is None:
            return "not_deleted"
        bounty.deleted_at = None
        self._storage.update_bounty(room_id, bounty)
        return "recovered"
    def recover_bounties(
        self, room_id: int, bounty_ids: list[int], username: str | None
    ) -> dict[int, str]:
        """Recover multiple soft-deleted bounties. Admin only.
        Returns dict of bounty_id -> result ('recovered', 'not_found', 'not_deleted', 'permission_denied')
        """
        results = {}
        for bounty_id in bounty_ids:
            results[bounty_id] = self.recover_bounty(room_id, bounty_id, username)
        return results
    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
-        """Get a specific bounty by ID."""
+        """Get a specific bounty by ID. Excludes soft-deleted bounties."""
-        return self._storage.get_bounty(room_id, bounty_id)
+        bounty = self._storage.get_bounty(room_id, bounty_id)
        if bounty and bounty.deleted_at is not None:
            return None
        return bounty
    def update_bounty(
        self,
        room_id: int,
        bounty_id: int,
-        user_id: int,
+        username: str | None,
        text: Optional[str] = None,
        link: Optional[str] = None,
        due_date_ts: Optional[int] = None,
        clear_link: bool = False,
        clear_due: bool = False,
    ) -> bool:
-        """Update a bounty. Only creator can update."""
+        """Update a bounty. Only admins can update."""
        bounty = self._storage.get_bounty(room_id, bounty_id)
        if not bounty:
            return False
-        if bounty.created_by_user_id != user_id:
+        if not self.is_admin(room_id, username):
-            raise PermissionError("Only the creator can edit this bounty.")
+            raise PermissionError("Only admins can edit bounties.")
        if link and not self.check_link_unique(
            room_id, link, exclude_bounty_id=bounty_id
        ):
            raise ValueError("A bounty with this link already exists in this room.")
        updated = Bounty(
            id=bounty.id,
@@ -84,19 +249,272 @@ class BountyService:
            if clear_due
            else (due_date_ts if due_date_ts is not None else bounty.due_date_ts),
            created_at=bounty.created_at,
            deleted_at=bounty.deleted_at,
            created_by_username=bounty.created_by_username,
        )
        self._storage.update_bounty(room_id, updated)
        return True
-    def delete_bounty(self, room_id: int, bounty_id: int, user_id: int) -> bool:
+    def delete_bounty(self, room_id: int, bounty_id: int, username: str | None) -> bool:
-        """Delete a bounty. Only creator can delete."""
+        """Soft delete a bounty. Only admins can delete."""
        bounty = self._storage.get_bounty(room_id, bounty_id)
        if not bounty:
            return False
-        if bounty.created_by_user_id != user_id:
+        if not self.is_admin(room_id, username):
-            raise PermissionError("Only the creator can delete this bounty.")
+            raise PermissionError("Only admins can delete bounties.")
-        self._storage.delete_bounty(room_id, bounty_id)
+        bounty.deleted_at = int(time.time())
        self._storage.update_bounty(room_id, bounty)
        return True
    def delete_bounties(
        self, room_id: int, bounty_ids: list[int], username: str | None
    ) -> dict[int, str]:
        """Soft delete multiple bounties. Returns dict of bounty_id -> result.
        Results can be: 'deleted', 'not_found', 'permission_denied'
        """
        results = {}
        for bounty_id in bounty_ids:
            bounty = self._storage.get_bounty(room_id, bounty_id)
            if not bounty:
                results[bounty_id] = "not_found"
                continue
            if not self.is_admin(room_id, username):
                results[bounty_id] = "permission_denied"
                continue
            bounty.deleted_at = int(time.time())
            self._storage.update_bounty(room_id, bounty)
            results[bounty_id] = "deleted"
        return results
    # --- Category Management ---
    def add_category(
        self,
        room_id: int,
        slug: str,
        name: str,
        username: str | None,
    ) -> Category:
        """Create a new category. Admin only.
        Args:
            room_id: Room identifier
            slug: Category ID (lowercase alphabetic, e.g., "bug")
            name: Display name (e.g., "Bug Report")
            username: Requesting admin's username
        Returns:
            Created Category
        Raises:
            PermissionError: If not admin
            ValueError: If slug already exists or invalid
        """
        if not self.is_admin(room_id, username):
            raise PermissionError("Only admins can add categories.")
        # Validate slug format (lowercase alphabetic only)
        if not slug or not slug.isalpha() or not slug.islower():
            raise ValueError(
                "Category slug must be lowercase alphabetic only (e.g., 'bug', 'feature')."
            )
        room_data = self._storage.load(room_id)
        if room_data is None:
            room_data = RoomData(
                room_id=room_id, bounties=[], next_id=1, admin_usernames=[], categories=[]
            )
        # Check for duplicate slug
        for cat in room_data.categories:
            if cat.id == slug and cat.deleted_at is None:
                raise ValueError(f"Category '{slug}' already exists.")
        category = Category(
            id=slug,
            name=name,
            created_at=int(time.time()),
            deleted_at=None,
        )
        room_data.categories.append(category)
        self._storage.save(room_data)
        return category
    def delete_category(
        self,
        room_id: int,
        slug: str,
        username: str | None,
    ) -> bool:
        """Soft delete a category. Admin only.
        Args:
            room_id: Room identifier
            slug: Category slug to delete
            username: Requesting admin's username
        Returns:
            True if deleted, False if not found
        """
        if not self.is_admin(room_id, username):
            raise PermissionError("Only admins can delete categories.")
        room_data = self._storage.load(room_id)
        if room_data is None:
            return False
        for cat in room_data.categories:
            if cat.id == slug and cat.deleted_at is None:
                cat.deleted_at = int(time.time())
                self._storage.save(room_data)
                return True
        return False
    def list_categories(self, room_id: int) -> list[Category]:
        """List active categories (excludes soft-deleted).
        Args:
            room_id: Room identifier
        Returns:
            List of active categories
        """
        room_data = self._storage.load(room_id)
        if room_data is None:
            return []
        return [c for c in room_data.categories if c.deleted_at is None]
    def get_category(self, room_id: int, slug: str) -> Category | None:
        """Get a category by slug (excludes soft-deleted).
        Args:
            room_id: Room identifier
            slug: Category slug
        Returns:
            Category or None if not found
        """
        room_data = self._storage.load(room_id)
        if room_data is None:
            return None
        for cat in room_data.categories:
            if cat.id == slug and cat.deleted_at is None:
                return cat
        return None
    def _validate_category_exists(self, room_id: int, slug: str) -> None:
        """Validate that a category exists (and is not deleted). Raises ValueError if not found."""
        if not self.get_category(room_id, slug):
            raise ValueError(f"Category '{slug}' not found.")
    def add_category_to_bounty(
        self,
        room_id: int,
        bounty_id: int,
        category_slug: str,
        username: str | None,
    ) -> bool:
        """Add category to a bounty. Admin only.
        Args:
            room_id: Room identifier
            bounty_id: Bounty ID
            category_slug: Category slug to add
            username: Requesting admin's username
        Returns:
            True if newly added, False if already exists
        Raises:
            PermissionError: If not admin
            ValueError: If bounty or category not found
        """
        if not self.is_admin(room_id, username):
            raise PermissionError("Only admins can manage bounty categories.")
        bounty = self.get_bounty(room_id, bounty_id)
        if not bounty:
            raise ValueError("Bounty not found.")
        self._validate_category_exists(room_id, category_slug)
        if category_slug in bounty.category_ids:
            return False  # Already exists
        bounty.category_ids.append(category_slug)
        self._storage.update_bounty(room_id, bounty)
        return True
    def remove_category_from_bounty(
        self,
        room_id: int,
        bounty_id: int,
        category_slug: str,
        username: str | None,
    ) -> bool:
        """Remove category from a bounty. Admin only.
        Args:
            room_id: Room identifier
            bounty_id: Bounty ID
            category_slug: Category slug to remove
            username: Requesting admin's username
        Returns:
            True if removed, False if not found
        """
        if not self.is_admin(room_id, username):
            raise PermissionError("Only admins can manage bounty categories.")
        bounty = self.get_bounty(room_id, bounty_id)
        if not bounty:
            raise ValueError("Bounty not found.")
        if category_slug not in bounty.category_ids:
            return False
        bounty.category_ids.remove(category_slug)
        self._storage.update_bounty(room_id, bounty)
        return True
    def update_bounty_categories(
        self,
        room_id: int,
        bounty_id: int,
        category_slugs: list[str],
        username: str | None,
    ) -> bool:
        """Replace all categories on a bounty. Admin only.
        Args:
            room_id: Room identifier
            bounty_id: Bounty ID
            category_slugs: New list of category slugs
            username: Requesting admin's username
        Returns:
            True if updated
        Raises:
            PermissionError: If not admin
            ValueError: If bounty or any category not found
        """
        if not self.is_admin(room_id, username):
            raise PermissionError("Only admins can manage bounty categories.")
        bounty = self.get_bounty(room_id, bounty_id)
        if not bounty:
            raise ValueError("Bounty not found.")
        # Validate all categories exist
        for slug in category_slugs:
            self._validate_category_exists(room_id, slug)
        bounty.category_ids = category_slugs
        self._storage.update_bounty(room_id, bounty)
        return True
@@ -147,7 +565,7 @@ class TrackingService:
        if room_data is None:
            return []
-        bounty_map = {b.id: b for b in room_data.bounties}
+        bounty_map = {b.id: b for b in room_data.bounties if b.deleted_at is None}
        return [
            bounty_map[t.bounty_id]
            for t in tracking_data.tracked
--- a/docs/AUDIT_AND_SPEC.md
+++ b/docs/AUDIT_AND_SPEC.md
@@ -0,0 +1,544 @@
 # JIGAIDO Audit & Feature Specification
 > Document created: 2026-04-09
 > Purpose: Repository audit findings and category feature specification
 ---
 # Part I: Repository Audit
 ## 1.1 Current Architecture
 JIGAIDO follows **hexagonal architecture** with clear separation:
 ```
 jigaido/
 ├── core/                          # Domain layer (pure Python, no deps)
 │   ├── models.py                 # Domain dataclasses
 │   ├── ports.py                  # Storage interfaces
 │   └── services.py               # Business logic
 ├── adapters/
 │   └── storage/
 │       └── json_file.py          # JSON file persistence
 ├── apps/
 │   └── telegram-bot/
 │       ├── bot.py                # Bot entrypoint
 │       └── commands.py           # Command handlers
 ├── tests/                        # Unit tests (98 tests passing)
 ├── config.py                     # Configuration
 ├── SPEC.md                       # Original design spec
 └── README.md                     # Overview
 ```
 ## 1.2 Features Implemented
 | Feature | Status | Location |
 |---------|--------|----------|
 | Group bounty management | ✅ Done | `BountyService` |
 | Personal DM bounties | ✅ Done | Same service, different room_id |
 | Admin management | ✅ Done | `add_admin`, `remove_admin`, `list_admins` |
 | Soft delete (recoverable) | ✅ Done | `delete_bounty`, `recover_bounty` |
 | Due date with timezone | ✅ Done | `dateparser` + `ZoneInfo` |
 | Link deduplication | ✅ Done | `check_link_unique` |
 | Tracking/untracking | ✅ Done | `TrackingService` |
 | `/track` in groups only | ✅ Done | Command handler |
 | Expired bounty filtering | ✅ Done | 24h cutoff logic |
 | Timezone per room | ✅ Done | `set_timezone`, `get_timezone` |
 ## 1.3 Bugs & Issues Found
 ### Bug 1: Admin Promotion Logic Edge Case
 **Location**: `core/services.py` - `add_admin()`
 **Issue**: The first admin can self-promote, but if the Telegram group creator joins later, they won't be recognized as admin since they're not in `admin_usernames`.
 **Code**:
 ```python
 # core/services.py:44-49
 has_no_admins = room_data is None or not room_data.admin_usernames
 is_self_promotion = requesting_username == username
 if not self.is_admin(room_id, requesting_username):
    if not (has_no_admins and is_self_promotion):
        raise PermissionError("Only admins can add admins.")
 ```
 **Recommendation**: Document this behavior or enhance to auto-detect Telegram group creator.
 ---
 ### Bug 2: Hard Delete Method in Storage
 **Location**: `adapters/storage/json_file.py:113-119`
 **Issue**: `delete_bounty()` in storage does hard delete, while `BountyService.delete_bounty()` does soft delete. The storage method is unused but confusing.
 **Code**:
 ```python
 def delete_bounty(self, room_id: int, bounty_id: int) -> None:
    """Delete a bounty from a room."""
    room_data = self.load(room_id)
    if room_data is None:
        return
    room_data.bounties = [b for b in room_data.bounties if b.id != bounty_id]
    self.save(room_data)
 ```
 **Recommendation**: Remove or mark as deprecated.
 ---
 ### Issue 3: Spec vs Code Inconsistency
 **Location**: `SPEC.md` vs `commands.py`
 **Issue**: SPEC.md says anyone can `/add` in groups, but code requires admin.
 | Command | SPEC.md | Code |
 |---------|---------|------|
 | `/add` | anyone | admin only |
 | `/edit` | creator only | admin only |
 | `/delete` | creator only | admin only |
 **Recommendation**: Update SPEC.md to reflect actual implementation.
 ---
 ### Issue 4: No Input Sanitization
 **Location**: `commands.py` - `parse_args()`
 **Issue**: Links without proper scheme (e.g., `github.com/user/repo`) are accepted as-is.
 **Recommendation**: Consider normalizing URL scheme or validating format.
 ---
 ### Issue 5: No Rate Limiting
 **Location**: `/add` command
 **Issue**: No limit on:
 - Number of bounties per room
 - Text length
 - Request rate
 **Recommendation**: Add rate limiting for production use.
 ---
 ## 1.4 Test Status
 ```bash
 $ PYTHONPATH=. python -m pytest tests/
 ======================== 98 passed, 1 warning ========================
 ```
 **Note**: Tests require `PYTHONPATH=.` to run. Consider adding `pytest.ini` or `pyproject.toml`.
 ---
 # Part II: Category Feature Specification
 ## 2.1 Overview
 Add category support to JIGAIDO to allow filtering and organizing bounties.
 **Goals**:
 - Admin-only category management (create, delete)
 - Multiple categories per bounty (no duplicates)
 - Filter bounties by category
 - Show categories on `/show` command
 - Backward compatibility (existing bounties work without categories)
 ## 2.2 Data Model
 ### Category
 ```python
@dataclass
 class Category:
    """A category for organizing bounties in a room."""
    id: str           # slug: lowercase alphabetic only, e.g., "bug", "feature"
    name: str         # display name: e.g., "Bug", "Feature"
    created_at: int
    deleted_at: int | None = None  # soft delete
 ```
 **Constraints**:
 - `id` (slug): lowercase alphabetic only, no symbols, e.g., `^[a-z]+$`
 - `name`: human-readable display
 - Unique within room (slug must be unique)
 - Soft delete preserves data
 ### Bounty (Modified)
 ```python
@dataclass
 class Bounty:
    # ... existing fields ...
    id: int
    text: str | None
    link: str | None
    due_date_ts: int | None
    created_at: int
    created_by_user_id: int
    deleted_at: int | None = None
    created_by_username: str | None = None
    category_ids: list[str] = field(default_factory=list)  # NEW
 ```
 ### RoomData (Modified)
 ```python
@dataclass
 class RoomData:
    room_id: int
    bounties: list[Bounty]
    next_id: int
    timezone: str | None = None
    admin_usernames: list[str] | None = None
    categories: list[Category] = field(default_factory=list)  # NEW
 ```
 ## 2.3 Category Scope
 - **Per room**: Same as bounties, each room (group/DM) has independent categories
 - **Admin only**: Only admins can create/delete categories
 - **User access**: Regular users can only filter by category
 ## 2.4 Service Layer API
 All methods require admin permission unless specified otherwise.
 ### Category Management
 ```python
 class BountyService:
    # ... existing methods ...
    # --- Category Management ---
    def add_category(
        self,
        room_id: int,
        slug: str,
        name: str,
        username: str | None
    ) -> Category:
        """Create a new category. Admin only.
        Args:
            room_id: Room identifier
            slug: Category ID (lowercase alphabetic, e.g., "bug")
            name: Display name (e.g., "Bug Report")
            username: Requesting admin's username
        Returns:
            Created Category
        Raises:
            PermissionError: If not admin
            ValueError: If slug already exists or invalid
        """
        ...
    def delete_category(
        self,
        room_id: int,
        slug: str,
        username: str | None
    ) -> bool:
        """Soft delete a category. Admin only.
        Args:
            room_id: Room identifier
            slug: Category slug to delete
            username: Requesting admin's username
        Returns:
            True if deleted, False if not found
        """
        ...
    def list_categories(self, room_id: int) -> list[Category]:
        """List active categories (excludes soft-deleted).
        Args:
            room_id: Room identifier
        Returns:
            List of active categories
        """
        ...
    def get_category(self, room_id: int, slug: str) -> Category | None:
        """Get a category by slug (excludes soft-deleted).
        Args:
            room_id: Room identifier
            slug: Category slug
        Returns:
            Category or None if not found
        """
        ...
 ```
 ### Category-to-Bounty Association
 ```python
    def add_category_to_bounty(
        self,
        room_id: int,
        bounty_id: int,
        category_slug: str,
        username: str | None
    ) -> bool:
        """Add category to a bounty. Admin only.
        Args:
            room_id: Room identifier
            bounty_id: Bounty ID
            category_slug: Category slug to add
            username: Requesting admin's username
        Returns:
            True if newly added, False if already exists
        Raises:
            PermissionError: If not admin
            ValueError: If bounty or category not found
        """
        ...
    def remove_category_from_bounty(
        self,
        room_id: int,
        bounty_id: int,
        category_slug: str,
        username: str | None
    ) -> bool:
        """Remove category from a bounty. Admin only.
        Args:
            room_id: Room identifier
            bounty_id: Bounty ID
            category_slug: Category slug to remove
            username: Requesting admin's username
        Returns:
            True if removed, False if not found
        """
        ...
    def update_bounty_categories(
        self,
        room_id: int,
        bounty_id: int,
        category_slugs: list[str],
        username: str | None
    ) -> bool:
        """Replace all categories on a bounty. Admin only.
        Args:
            room_id: Room identifier
            bounty_id: Bounty ID
            category_slugs: New list of category slugs
            username: Requesting admin's username
        Returns:
            True if updated
        Raises:
            PermissionError: If not admin
            ValueError: If bounty or any category not found
        """
        ...
 ```
 ### Bounty Listing with Category Filter
 ```python
    def list_bounties(
        self,
        room_id: int,
        category_slugs: list[str] | None = None,
        include_expired: bool = False
    ) -> list[Bounty]:
        """List bounties with optional category filtering.
        Args:
            room_id: Room identifier
            category_slugs: If provided, filter by ANY of these categories (OR)
            include_expired: If True, include bounties past due date
        Returns:
            List of non-deleted bounties, sorted by due date
        """
        ...
 ```
 ## 2.5 Filtering Logic
 - **Single category**: `/bounty -c bug` → bounties with "bug"
 - **Multiple categories (OR)**: `/bounty -c bug,feature` → bounties with "bug" OR "feature"
 - **No filter**: `/bounty` → all bounties (current behavior)
 ## 2.6 Command Syntax
 ### Category Management
 ```
 /category                      - list categories
 /category add <slug> <name>    - create category (admin)
 /category delete <slug>        - soft delete category (admin)
 ```
 ### Bounty with Category
 ```
 /add <text> [link] [date] -cat <slug>     - add with category
 /add <text> [link] [date] -cat <slug1>,<slug2> - add with multiple categories
 /update <id> -cat <slug>        - add category to bounty
 /update <id> -cat <slug1>,<slug2> - set categories (replace all)
 /update <id> -cat -             - clear all categories
 /update <id> -remove-cat <slug> - remove specific category
 ```
 ### Bounty Listing with Filter
 ```
 /bounty                        - all bounties (current)
 /bounty -c <slug>              - filter by category
 /bounty -c <slug1>,<slug2>    - filter by multiple categories (OR)
 /bounty all                    - show expired (current)
 /bounty all -c <slug>          - show expired + filter by category
 ```
 ### Show Bounty
 ```
 /show <id>                     - show bounty details with categories
 ```
 ## 2.7 Display Format
 ### `/category` output
 ```
 Categories:
 - bug → Bug Report
 - feature → Feature Request
 - docs → Documentation
 ```
 ### `/show <id>` output (with categories)
 ```
 [#1] Fix login bug
 🔗 https://github.com/...
 📅 15 April 2026 14:30 (Asia/Jakarta)
 📂 Categories: bug | feature
 👤 @username
 📌 Created: 2026-04-01 10:00
 ```
 ### `/bounty -c bug` output
 ```
 Filtering with 🐛 bug category:
 Showing 3 of 10 bounties:
 [#5] ...
 [#1] ...
 [#3] ...
 ```
 ### `/bounty -c bug,feature` output
 ```
 Filtering with 🐛 bug, ✨ feature categories:
 Showing 5 of 10 bounties:
 [#5] ...
 [#1] ...
 ```
 ## 2.8 Edge Cases
 | Scenario | Behavior |
 |----------|----------|
 | Delete category | Soft delete - existing bounties keep category in data, but filter won't find it |
 | Filter by deleted category | Show "No bounties with this category" or error |
 | Add duplicate category to bounty | No-op, return False |
 | Add invalid slug (uppercase/symbols) | Reject with validation error |
 | Category slug conflict | Reject with "Category already exists" |
 | Bounty without categories | `category_ids = []` (backward compatible) |
 ## 2.9 Test Cases to Add
 ```python
 # Category Management
 def test_add_category_requires_admin():
 def test_add_category_duplicate_slug_fails():
 def test_add_category_invalid_slug_fails():
 def test_add_category_valid():
 def test_delete_category_soft_deletes():
 def test_deleted_category_not_listed():
 def test_deleted_category_still_in_bounty_data():
 def test_list_categories_empty():
 def test_list_categories_returns_active():
 def test_get_category_not_found():
 def test_get_category_deleted_returns_none():
 # Category-to-Bounty
 def test_add_category_to_bounty():
 def test_add_duplicate_category_to_bounty_noop():
 def test_add_category_to_bounty_invalid_category():
 def test_remove_category_from_bounty():
 def test_remove_category_not_on_bounty_returns_false():
 def test_update_bounty_categories_replace_all():
 def test_update_bounty_categories_validates():
 # Bounty Listing with Filter
 def test_list_bounties_filter_by_single_category():
 def test_list_bounties_filter_by_multiple_categories_or():
 def test_list_bounties_no_category_returns_all():
 def test_list_bounties_category_excludes_deleted_bounties():
 ```
 ---
 # Part III: Implementation Checklist
 ## Models Layer
 - [ ] Add `Category` dataclass to `core/models.py`
 - [ ] Add `category_ids` field to `Bounty` dataclass
 - [ ] Add `categories` field to `RoomData` dataclass
 ## Storage Layer
 - [ ] Update `JsonFileRoomStorage.load()` to deserialize categories
 - [ ] Update `JsonFileRoomStorage.save()` to serialize categories
 ## Service Layer
 - [ ] Implement `add_category()`
 - [ ] Implement `delete_category()`
 - [ ] Implement `list_categories()`
 - [ ] Implement `get_category()`
 - [ ] Implement `add_category_to_bounty()`
 - [ ] Implement `remove_category_from_bounty()`
 - [ ] Implement `update_bounty_categories()`
 - [ ] Update `list_bounties()` to support category filter
 ## Command Layer
 - [ ] Add `/category` command handler
 - [ ] Add `-cat` flag parsing to `/add`
 - [ ] Add `-cat` and `-remove-cat` flags to `/update`
 - [ ] Add `-c` flag to `/bounty` for category filter
 - [ ] Update `/show` to display categories
 ## Tests
 - [ ] Add category management tests
 - [ ] Add category-to-bounty tests
 - [ ] Add category filter tests
 ## Documentation
 - [ ] Update README.md with category feature
 - [ ] Update command help text
 ---
 # Part IV: Open Questions
 1. **Category icon/emoji**: Should categories have optional emoji? (Not in initial spec, can add later)
 2. **Category reactivation**: Should soft-deleted categories be reactable? (Not in initial spec)
 3. **Bulk category operations**: Should we support `/category add bulk`? (Not in initial spec)
 ---
 *End of Audit & Specification Document*
--- a/pytest.ini
+++ b/pytest.ini
@@ -0,0 +1,4 @@
 [pytest]
 testpaths = tests
 pythonpath = .
 asyncio_default_fixture_loop_scope = function
--- a/tests/init.py
+++ b/tests/init.py
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -0,0 +1,375 @@
 """Tests for cli/main.py — CLI commands with mocked dependencies."""
 import pytest
 from unittest.mock import patch, MagicMock
 from io import StringIO
 from core.models import Bounty
 from core.ports import RoomStorage, TrackingStorage
 class MockRoomStorage(RoomStorage):
    """Mock RoomStorage for testing."""
    def __init__(self):
        self._rooms: dict[int, dict] = {}
    def load(self, room_id: int) -> dict | None:
        return self._rooms.get(room_id)
    def save(self, room_data: dict) -> None:
        self._rooms[room_data["room_id"]] = room_data
    def add_bounty(self, room_id: int, bounty: Bounty) -> None:
        if room_id not in self._rooms:
            self._rooms[room_id] = {"room_id": room_id, "bounties": [], "next_id": 1}
        self._rooms[room_id]["bounties"].append(bounty)
    def update_bounty(self, room_id: int, bounty: Bounty) -> None:
        if room_id in self._rooms:
            for i, b in enumerate(self._rooms[room_id]["bounties"]):
                if b.id == bounty.id:
                    self._rooms[room_id]["bounties"][i] = bounty
                    break
    def delete_bounty(self, room_id: int, bounty_id: int) -> None:
        if room_id in self._rooms:
            self._rooms[room_id]["bounties"] = [
                b for b in self._rooms[room_id]["bounties"] if b.id != bounty_id
            ]
    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
        if room_id in self._rooms:
            for b in self._rooms[room_id]["bounties"]:
                if b.id == bounty_id:
                    return b
        return None
 class MockTrackingStorage(TrackingStorage):
    """Mock TrackingStorage for testing."""
    def __init__(self):
        self._tracking: dict[int, dict] = {}
    def load(self, user_id: int) -> dict | None:
        return self._tracking.get(user_id)
    def save(self, tracking_data: dict) -> None:
        self._tracking[tracking_data["user_id"]] = tracking_data
    def track_bounty(self, user_id: int, bounty_id: int, room_id: int) -> bool:
        if user_id not in self._tracking:
            self._tracking[user_id] = {"user_id": user_id, "bounty_ids": []}
        if bounty_id not in self._tracking[user_id]["bounty_ids"]:
            self._tracking[user_id]["bounty_ids"].append(bounty_id)
            return True
        return False
    def untrack_bounty(self, user_id: int, bounty_id: int) -> bool:
        if user_id in self._tracking:
            if bounty_id in self._tracking[user_id]["bounty_ids"]:
                self._tracking[user_id]["bounty_ids"].remove(bounty_id)
                return True
        return False
    def get_tracked_bounty_ids(self, user_id: int) -> list[int]:
        if user_id in self._tracking:
            return self._tracking[user_id]["bounty_ids"]
        return []
@pytest.fixture
 def mock_services():
    """Create mock services for CLI testing."""
    room_storage = MockRoomStorage()
    tracking_storage = MockTrackingStorage()
    return room_storage, tracking_storage
 class TestCLIParsing:
    """Test CLI argument parsing through main()."""
    def test_add_command_requires_text(self):
        """Test that 'add' command requires text argument."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "add", "--group-id=-1001"]):
            with patch("cli.main.create_services"):
                with patch("sys.stderr", new=StringIO()) as stderr:
                    with pytest.raises(SystemExit):
                        main()
                    assert "arguments are required: text" in stderr.getvalue()
    def test_list_command(self):
        """Test 'list' command parsing."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "list", "--group-id=-1001"]):
            with patch("cli.main.create_services") as mock_create:
                mock_create.return_value = (MagicMock(), MagicMock())
                mock_bounty_service = MagicMock()
                mock_bounty_service.list_bounties.return_value = []
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "No bounties" in stdout.getvalue()
    def test_my_command(self):
        """Test 'my' command parsing."""
        from cli.main import main
        with patch(
            "sys.argv", ["jigaido-cli", "my", "--group-id=-1001", "--user-id=123"]
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_tracking_service = MagicMock()
                mock_tracking_service.get_tracked_bounties.return_value = []
                mock_create.return_value = (MagicMock(), mock_tracking_service)
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Not tracking any bounties" in stdout.getvalue()
    def test_update_command(self):
        """Test 'update' command parsing."""
        from cli.main import main
        with patch(
            "sys.argv", ["jigaido-cli", "update", "1", "--group-id=-1001", "new text"]
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.update_bounty.return_value = True
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Updated bounty #1" in stdout.getvalue()
    def test_delete_command(self):
        """Test 'delete' command parsing."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "delete", "1", "--group-id=-1001"]):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.delete_bounty.return_value = True
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Deleted bounty #1" in stdout.getvalue()
    def test_track_command(self):
        """Test 'track' command parsing."""
        from cli.main import main
        with patch(
            "sys.argv",
            ["jigaido-cli", "track", "1", "--group-id=-1001", "--user-id=123"],
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_tracking_service = MagicMock()
                mock_tracking_service.track_bounty.return_value = True
                mock_create.return_value = (MagicMock(), mock_tracking_service)
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Tracking bounty #1" in stdout.getvalue()
    def test_untrack_command(self):
        """Test 'untrack' command parsing."""
        from cli.main import main
        with patch(
            "sys.argv",
            ["jigaido-cli", "untrack", "1", "--group-id=-1001", "--user-id=123"],
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_tracking_service = MagicMock()
                mock_tracking_service.untrack_bounty.return_value = True
                mock_create.return_value = (MagicMock(), mock_tracking_service)
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Untracked bounty #1" in stdout.getvalue()
 class TestCLIValidation:
    """Test CLI input validation."""
    def test_requires_group_id_or_user_id(self):
        """Test that commands require either --group-id or --user-id."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "add", "some text"]):
            with patch("sys.stderr", new=StringIO()) as stderr:
                with pytest.raises(SystemExit):
                    main()
                assert "group-id or --user-id is required" in stderr.getvalue()
    def test_unknown_command(self):
        """Test handling of unknown commands."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "unknown_cmd", "--group-id=-1001"]):
            with patch("sys.stderr", new=StringIO()) as stderr:
                with pytest.raises(SystemExit):
                    main()
                assert "invalid choice" in stderr.getvalue()
    def test_update_clear_link_flag(self):
        """Test update with --clear-link flag."""
        from cli.main import main
        with patch(
            "sys.argv",
            ["jigaido-cli", "update", "1", "--clear-link", "--group-id=-1001"],
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.update_bounty.return_value = True
                mock_create.return_value = (mock_bounty_service, MagicMock())
                main()
                mock_bounty_service.update_bounty.assert_called_once()
                call_kwargs = mock_bounty_service.update_bounty.call_args
                assert call_kwargs.kwargs.get("clear_link") is True
    def test_update_clear_due_flag(self):
        """Test update with --clear-due flag."""
        from cli.main import main
        with patch(
            "sys.argv",
            ["jigaido-cli", "update", "1", "--clear-due", "--group-id=-1001"],
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.update_bounty.return_value = True
                mock_create.return_value = (mock_bounty_service, MagicMock())
                main()
                mock_bounty_service.update_bounty.assert_called_once()
                call_kwargs = mock_bounty_service.update_bounty.call_args
                assert call_kwargs.kwargs.get("clear_due") is True
 class TestCLIOutput:
    """Test CLI output formatting."""
    def test_list_shows_bounties(self):
        """Test that 'list' shows bounty details correctly."""
        from cli.main import main
        mock_bounty = MagicMock()
        mock_bounty.id = 1
        mock_bounty.text = "Fix bug"
        mock_bounty.link = "https://github.com/issue/1"
        mock_bounty.due_date_ts = None
        with patch("sys.argv", ["jigaido-cli", "list", "--group-id=-1001"]):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.list_bounties.return_value = [mock_bounty]
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    output = stdout.getvalue()
                    assert "#1:" in output
                    assert "Fix bug" in output
                    assert "https://github.com/issue/1" in output
    def test_list_empty(self):
        """Test that 'list' shows 'No bounties' when empty."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "list", "--group-id=-1001"]):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.list_bounties.return_value = []
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "No bounties" in stdout.getvalue()
    def test_add_output(self):
        """Test that 'add' outputs the new bounty ID."""
        from cli.main import main
        mock_bounty = MagicMock()
        mock_bounty.id = 42
        with patch("sys.argv", ["jigaido-cli", "add", "New task", "--group-id=-1001"]):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.add_bounty.return_value = mock_bounty
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Added bounty #42" in stdout.getvalue()
 class TestCLIErrorHandling:
    """Test CLI error handling."""
    def test_delete_nonexistent_bounty(self):
        """Test deleting a non-existent bounty."""
        from cli.main import main
        with patch("sys.argv", ["jigaido-cli", "delete", "999", "--group-id=-1001"]):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.delete_bounty.return_value = False
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stderr", new=StringIO()) as stderr:
                    with pytest.raises(SystemExit):
                        main()
                    assert "not found" in stderr.getvalue()
    def test_update_permission_error(self):
        """Test update with permission error."""
        from cli.main import main
        with patch(
            "sys.argv",
            ["jigaido-cli", "update", "1", "new text", "--group-id=-1001"],
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_bounty_service = MagicMock()
                mock_bounty_service.update_bounty.side_effect = PermissionError(
                    "Not owner"
                )
                mock_create.return_value = (mock_bounty_service, MagicMock())
                with patch("sys.stderr", new=StringIO()) as stderr:
                    with pytest.raises(SystemExit):
                        main()
                    assert "Not owner" in stderr.getvalue()
    def test_track_already_tracking(self):
        """Test tracking a bounty that's already tracked."""
        from cli.main import main
        with patch(
            "sys.argv",
            ["jigaido-cli", "track", "1", "--group-id=-1001", "--user-id=123"],
        ):
            with patch("cli.main.create_services") as mock_create:
                mock_tracking_service = MagicMock()
                mock_tracking_service.track_bounty.return_value = False
                mock_create.return_value = (MagicMock(), mock_tracking_service)
                with patch("sys.stdout", new=StringIO()) as stdout:
                    main()
                    assert "Already tracking" in stdout.getvalue()
 if __name__ == "__main__":
    pytest.main([__file__, "-v"])
--- a/tests/test_config.py
+++ b/tests/test_config.py
@@ -2,11 +2,9 @@
 import json
 import os
 import tempfile
 from pathlib import Path
 from unittest.mock import patch
 import pytest
 from config import Config, DEFAULT_DATA_DIR
@@ -47,10 +45,27 @@ class TestConfigDataDir:
            assert cfg.bot_token == "test_token_123"
    def test_bot_token_none_when_not_set(self):
-        """Test that bot_token is None when JIGAIDO_BOT_TOKEN not set."""
+        """Test that bot_token is None when JIGAIDO_BOT_TOKEN not set and no config file."""
        with patch.dict(os.environ, {}, clear=True):
-            cfg = Config()
+            with patch("pathlib.Path.exists", return_value=False):
-            assert cfg.bot_token is None
+                cfg = Config()
                assert cfg.bot_token is None
    def test_bot_token_from_config_file(self):
        """Test that bot_token is read from config file when env var not set."""
        config_dir = Path.home() / ".jigaido"
        config_file = config_dir / "config.json"
        with patch.dict(os.environ, {}, clear=True):
            with patch("pathlib.Path.expanduser", return_value=config_file):
                with patch("pathlib.Path.exists", return_value=True):
                    with patch("builtins.open", create=True) as mock_open:
                        mock_open.return_value.__enter__ = lambda s: s
                        mock_open.return_value.__exit__ = lambda *a: None
                        mock_open.return_value.read = lambda: (
                            '{"JIGAIDO_BOT_TOKEN": "config_token"}'
                        )
                        cfg = Config()
                        assert cfg.bot_token == "config_token"
 class TestConfigEnsureDataDir:
--- a/tests/test_json_file.py
+++ b/tests/test_json_file.py
@@ -1,11 +1,9 @@
 """Tests for adapters/storage/json_file.py — JSON file storage adapter."""
 import json
 import os
 import tempfile
 from pathlib import Path
 import pytest
 from adapters.storage.json_file import JsonFileRoomStorage, JsonFileTrackingStorage
 from core.models import Bounty, RoomData, TrackingData, TrackedBounty
@@ -99,15 +97,6 @@ class TestJsonFileRoomStorage:
        assert self.storage.load(-1001) is None
    def test_delete_bounty(self):
        """Test that delete_bounty removes a bounty."""
        bounty = self._create_bounty(id=1)
        self.storage.add_bounty(-1001, bounty)
        self.storage.delete_bounty(-1001, 1)
        loaded = self.storage.load(-1001)
        assert len(loaded.bounties) == 0
    def test_get_bounty_found(self):
        """Test that get_bounty returns the bounty when found."""
        bounty = self._create_bounty(id=1)
--- a/tests/test_models.py
+++ b/tests/test_models.py
@@ -1,8 +1,6 @@
 """Tests for core/models.py — domain dataclasses."""
 import time
 import pytest
 from core.models import (
    Bounty,
@@ -28,6 +26,22 @@ class TestBounty:
        assert b.due_date_ts == 1735689600
        assert b.created_at == 1735603200
        assert b.created_by_user_id == 123
        assert b.deleted_at is None
        assert b.created_by_username is None
    def test_bounty_with_new_fields(self):
        b = Bounty(
            id=1,
            text="Fix the bug",
            link="https://github.com/example/repo/issues/1",
            due_date_ts=1735689600,
            created_at=1735603200,
            created_by_user_id=123,
            deleted_at=1736200000,
            created_by_username="johndoe",
        )
        assert b.deleted_at == 1736200000
        assert b.created_by_username == "johndoe"
    def test_bounty_optional_fields_can_be_none(self):
        b = Bounty(
@@ -41,6 +55,8 @@ class TestBounty:
        assert b.text is None
        assert b.link is None
        assert b.due_date_ts is None
        assert b.deleted_at is None
        assert b.created_by_username is None
    def test_bounty_comparison_equal(self):
        b1 = Bounty(
@@ -103,6 +119,8 @@ class TestRoomData:
        assert rd.room_id == -1001
        assert rd.bounties == []
        assert rd.next_id == 1
        assert rd.timezone is None
        assert rd.admin_usernames == []
    def test_create_dm_room_data(self):
        rd = RoomData(
@@ -113,6 +131,8 @@ class TestRoomData:
        assert rd.room_id == 123456
        assert rd.bounties == []
        assert rd.next_id == 1
        assert rd.timezone is None
        assert rd.admin_usernames == []
    def test_room_data_with_bounties(self):
        b = Bounty(
@@ -128,6 +148,25 @@ class TestRoomData:
        assert rd.bounties[0].text == "Task"
        assert rd.bounties[0].created_by_user_id == 123
    def test_room_data_with_new_fields(self):
        rd = RoomData(
            room_id=-1001,
            bounties=[],
            next_id=1,
            timezone="Asia/Jakarta",
            admin_usernames=["alice", "bob"],
        )
        assert rd.timezone == "Asia/Jakarta"
        assert rd.admin_usernames == ["alice", "bob"]
    def test_room_data_admin_usernames_defaults_to_empty_list(self):
        rd = RoomData(
            room_id=-1001,
            bounties=[],
            next_id=1,
        )
        assert rd.admin_usernames == []
 class TestTrackingData:
    def test_create_tracking_data(self):
--- a/tests/test_ports.py
+++ b/tests/test_ports.py
@@ -1,6 +1,5 @@
 """Tests for core/ports.py — storage interfaces."""
 import pytest
 from core.models import Bounty, RoomData, TrackingData, TrackedBounty
 from core.ports import RoomStorage, TrackingStorage
@@ -35,12 +34,6 @@ class SimpleRoomStorage:
                    self._rooms[room_id].bounties[i] = bounty
                    break
    def delete_bounty(self, room_id: int, bounty_id: int) -> None:
        if room_id in self._rooms:
            self._rooms[room_id].bounties = [
                b for b in self._rooms[room_id].bounties if b.id != bounty_id
            ]
    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
        if room_id in self._rooms:
            for b in self._rooms[room_id].bounties:
@@ -48,6 +41,20 @@ class SimpleRoomStorage:
                    return b
        return None
    def list_bounties(self, room_id: int) -> list[Bounty]:
        if room_id not in self._rooms:
            return []
        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
    def list_all_bounties(
        self, room_id: int, include_deleted: bool = True
    ) -> list[Bounty]:
        if room_id not in self._rooms:
            return []
        if include_deleted:
            return self._rooms[room_id].bounties
        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
 class SimpleTrackingStorage:
    """Minimal mock without ensure_tracking - tests if track_bounty works without it.
@@ -106,12 +113,6 @@ class MockRoomStorage:
                    self._rooms[room_id].bounties[i] = bounty
                    break
    def delete_bounty(self, room_id: int, bounty_id: int) -> None:
        if room_id in self._rooms:
            self._rooms[room_id].bounties = [
                b for b in self._rooms[room_id].bounties if b.id != bounty_id
            ]
    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
        if room_id in self._rooms:
            for b in self._rooms[room_id].bounties:
@@ -119,6 +120,20 @@ class MockRoomStorage:
                    return b
        return None
    def list_bounties(self, room_id: int) -> list[Bounty]:
        if room_id not in self._rooms:
            return []
        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
    def list_all_bounties(
        self, room_id: int, include_deleted: bool = True
    ) -> list[Bounty]:
        if room_id not in self._rooms:
            return []
        if include_deleted:
            return self._rooms[room_id].bounties
        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
 class MockTrackingStorage:
    """Mock implementation of TrackingStorage for testing."""
@@ -215,19 +230,6 @@ class TestRoomStorage:
        assert result is not None
        assert result.text == "Updated"
    def test_delete_bounty(self):
        storage = MockRoomStorage()
        bounty = Bounty(
            id=1,
            text="Test",
            link=None,
            due_date_ts=None,
            created_at=0,
            created_by_user_id=123,
        )
        storage.add_bounty(-1001, bounty)
        storage.delete_bounty(-1001, 1)
        assert storage.get_bounty(-1001, 1) is None
 class TestTrackingStorage:
--- a/tests/test_services.py
+++ b/tests/test_services.py
@@ -1,9 +1,8 @@
 """Tests for core/services.py — business logic services."""
 import pytest
 from unittest.mock import MagicMock
-from core.models import Bounty, RoomData, TrackingData, TrackedBounty
+from core.models import RoomData
 from core.services import BountyService, TrackingService
 from tests.test_ports import MockRoomStorage, MockTrackingStorage
@@ -15,14 +14,30 @@ class TestBountyService:
        """Set up fresh storage and service for each test."""
        self.storage = MockRoomStorage()
        self.service = BountyService(self.storage)
        self.admin_username = "admin"
        self._make_admin(-1001, self.admin_username)
    def _make_admin(self, room_id: int, username: str):
        """Helper to set up a room with an admin user."""
        room_data = self.storage.load(room_id)
        if room_data is None:
            room_data = RoomData(
                room_id=room_id, bounties=[], next_id=0, admin_usernames=[]
            )
        if username not in (room_data.admin_usernames or []):
            room_data.admin_usernames = room_data.admin_usernames or []
            room_data.admin_usernames.append(username)
        self.storage.save(room_data)
    def test_add_bounty_creates_room_if_not_exists(self):
        """Test that add_bounty creates a new room if it doesn't exist."""
        bounty = self.service.add_bounty(
            room_id=-1001,
            user_id=123,
            username=self.admin_username,
            text="Fix bug",
            link="https://github.com/issue/1",
            created_by_username=self.admin_username,
        )
        assert bounty.id == 1
        assert bounty.text == "Fix bug"
@@ -34,14 +49,27 @@ class TestBountyService:
    def test_add_bounty_increments_id(self):
        """Test that add_bounty increments bounty ID for each new bounty."""
-        b1 = self.service.add_bounty(room_id=-1001, user_id=123, text="First")
+        b1 = self.service.add_bounty(
-        b2 = self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
+            room_id=-1001, user_id=123, username=self.admin_username, text="First"
-        b3 = self.service.add_bounty(room_id=-1001, user_id=123, text="Third")
+        )
        b2 = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="Second"
        )
        b3 = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="Third"
        )
        assert b1.id == 1
        assert b2.id == 2
        assert b3.id == 3
    def test_add_bounty_requires_admin(self):
        """Test that add_bounty raises PermissionError when non-admin tries to add."""
        with pytest.raises(PermissionError, match="Only admins can add bounties"):
            self.service.add_bounty(
                room_id=-1001, user_id=999, username="nonadmin", text="Not admin"
            )
    def test_list_bounties_empty_room(self):
        """Test list_bounties returns empty list for non-existent room."""
        bounties = self.service.list_bounties(-1001)
@@ -49,9 +77,17 @@ class TestBountyService:
    def test_list_bounties_returns_all_bounties(self):
        """Test list_bounties returns all bounties in a room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="First")
+        self.service.add_bounty(
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
+            room_id=-1001, user_id=123, username=self.admin_username, text="First"
-        self.service.add_bounty(room_id=-999, user_id=123, text="Other room")
+        )
        self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="Second"
        )
        # Add bounty to different room to verify isolation
        self._make_admin(-999, "otheradmin")
        self.service.add_bounty(
            room_id=-999, user_id=456, username="otheradmin", text="Other room"
        )
        bounties = self.service.list_bounties(-1001)
        assert len(bounties) == 2
@@ -59,7 +95,9 @@ class TestBountyService:
    def test_get_bounty_found(self):
        """Test get_bounty returns bounty when it exists."""
-        created = self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        created = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="Test"
        )
        found = self.service.get_bounty(-1001, created.id)
        assert found is not None
        assert found.text == "Test"
@@ -71,31 +109,37 @@ class TestBountyService:
    def test_get_bounty_wrong_room(self):
        """Test get_bounty returns None when bounty is in different room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="Test"
        )
        found = self.service.get_bounty(-999, 1)  # room -999 doesn't have bounty 1
        assert found is None
    def test_update_bounty_success(self):
-        """Test update_bounty succeeds when creator updates their bounty."""
+        """Test update_bounty succeeds when admin updates their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
+        bounty = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="Original"
        )
        result = self.service.update_bounty(
            room_id=-1001,
            bounty_id=bounty.id,
-            user_id=123,
+            username=self.admin_username,
            text="Updated",
        )
        assert result is True
        updated = self.service.get_bounty(-1001, bounty.id)
        assert updated.text == "Updated"
-    def test_update_bounty_not_creator_raises_permission_error(self):
+    def test_update_bounty_not_admin_raises_permission_error(self):
-        """Test update_bounty raises PermissionError when non-creator tries to update."""
+        """Test update_bounty raises PermissionError when non-admin tries to update."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
+        bounty = self.service.add_bounty(
-        with pytest.raises(PermissionError, match="Only the creator can edit"):
+            room_id=-1001, user_id=123, username=self.admin_username, text="Original"
        )
        with pytest.raises(PermissionError, match="Only admins can edit bounties"):
            self.service.update_bounty(
                room_id=-1001,
                bounty_id=bounty.id,
-                user_id=999,  # different user
+                username="nonadmin",  # different user, not admin
                text="Hacked",
            )
@@ -104,7 +148,7 @@ class TestBountyService:
        result = self.service.update_bounty(
            room_id=-1001,
            bounty_id=999,
-            user_id=123,
+            username=self.admin_username,
            text="Updated",
        )
        assert result is False
@@ -114,13 +158,14 @@ class TestBountyService:
        bounty = self.service.add_bounty(
            room_id=-1001,
            user_id=123,
            username=self.admin_username,
            text="Original",
            link="https://original.link",
        )
        self.service.update_bounty(
            room_id=-1001,
            bounty_id=bounty.id,
-            user_id=123,
+            username=self.admin_username,
            text="Updated only text",
        )
        updated = self.service.get_bounty(-1001, bounty.id)
@@ -132,36 +177,86 @@ class TestBountyService:
        bounty = self.service.add_bounty(
            room_id=-1001,
            user_id=123,
            username=self.admin_username,
            text="Test",
            link="https://original.link",
        )
        self.service.update_bounty(
            room_id=-1001,
            bounty_id=bounty.id,
-            user_id=123,
+            username=self.admin_username,
            clear_link=True,
        )
        updated = self.service.get_bounty(-1001, bounty.id)
        assert updated.link is None
    def test_delete_bounty_success(self):
-        """Test delete_bounty succeeds when creator deletes their bounty."""
+        """Test delete_bounty soft deletes when admin deletes their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
+        bounty = self.service.add_bounty(
-        result = self.service.delete_bounty(-1001, bounty.id, 123)
+            room_id=-1001, user_id=123, username=self.admin_username, text="To delete"
        )
        result = self.service.delete_bounty(-1001, bounty.id, self.admin_username)
        assert result is True
        # Soft delete - bounty should not be found via get_bounty
        assert self.service.get_bounty(-1001, bounty.id) is None
        # But still exists in list_deleted_bounties
        deleted = self.service.list_deleted_bounties(-1001)
        assert len(deleted) == 1
        assert deleted[0].id == bounty.id
-    def test_delete_bounty_not_creator_raises_permission_error(self):
+    def test_delete_bounty_not_admin_raises_permission_error(self):
-        """Test delete_bounty raises PermissionError when non-creator tries to delete."""
+        """Test delete_bounty raises PermissionError when non-admin tries to delete."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
+        bounty = self.service.add_bounty(
-        with pytest.raises(PermissionError, match="Only the creator can delete"):
+            room_id=-1001, user_id=123, username=self.admin_username, text="To delete"
-            self.service.delete_bounty(-1001, bounty.id, 999)  # different user
+        )
        with pytest.raises(PermissionError, match="Only admins can delete bounties"):
            self.service.delete_bounty(-1001, bounty.id, "nonadmin")
    def test_delete_bounty_not_found(self):
        """Test delete_bounty returns False when bounty doesn't exist."""
-        result = self.service.delete_bounty(-1001, 999, 123)
+        result = self.service.delete_bounty(-1001, 999, self.admin_username)
        assert result is False
    def test_delete_bounties_multi_id_success(self):
        """Test delete_bounties returns individual results for multiple bounties."""
        bounty1 = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="To delete 1"
        )
        bounty2 = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="To delete 2"
        )
        results = self.service.delete_bounties(
            -1001, [bounty1.id, bounty2.id], self.admin_username
        )
        assert results == {bounty1.id: "deleted", bounty2.id: "deleted"}
        # Verify both are soft deleted
        assert self.service.get_bounty(-1001, bounty1.id) is None
        assert self.service.get_bounty(-1001, bounty2.id) is None
    def test_delete_bounties_mixed_results(self):
        """Test delete_bounties returns not_found for non-existent bounties."""
        bounty = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="To delete"
        )
        results = self.service.delete_bounties(
            -1001, [bounty.id, 999, 888], self.admin_username
        )
        assert results == {bounty.id: "deleted", 999: "not_found", 888: "not_found"}
    def test_delete_bounties_permission_denied(self):
        """Test delete_bounties returns permission_denied for non-admin users."""
        bounty = self.service.add_bounty(
            room_id=-1001, user_id=123, username=self.admin_username, text="To delete"
        )
        results = self.service.delete_bounties(
            -1001,
            [bounty.id],
            "nonadmin",  # non-admin user
        )
        assert results == {bounty.id: "permission_denied"}
        # Verify bounty was NOT deleted
        assert self.service.get_bounty(-1001, bounty.id) is not None
 class TestTrackingService:
    """Unit tests for TrackingService."""
@@ -171,11 +266,31 @@ class TestTrackingService:
        self.room_storage = MockRoomStorage()
        self.tracking_storage = MockTrackingStorage()
        self.service = TrackingService(self.tracking_storage, self.room_storage)
        self.admin_username = "admin"
        self._make_admin(-1001, self.admin_username)
-    def _add_bounty(self, room_id=-1001, user_id=123, text="Test bounty"):
+    def _make_admin(self, room_id: int, username: str):
        """Helper to set up a room with an admin user."""
        room_data = self.room_storage.load(room_id)
        if room_data is None:
            room_data = RoomData(
                room_id=room_id, bounties=[], next_id=0, admin_usernames=[]
            )
        if username not in (room_data.admin_usernames or []):
            room_data.admin_usernames = room_data.admin_usernames or []
            room_data.admin_usernames.append(username)
        self.room_storage.save(room_data)
    def _add_bounty(self, room_id=-1001, username="admin", text="Test bounty"):
        """Helper to add a bounty for tracking tests."""
        if self.room_storage.load(room_id) is None or username not in (
            self.room_storage.load(room_id).admin_usernames or []
        ):
            self._make_admin(room_id, username)
        bounty_service = BountyService(self.room_storage)
-        return bounty_service.add_bounty(room_id=room_id, user_id=user_id, text=text)
+        return bounty_service.add_bounty(
            room_id=room_id, user_id=123, username=username, text=text
        )
    def test_track_bounty_success(self):
        """Test track_bounty successfully tracks a bounty."""
@@ -263,11 +378,13 @@ class TestTrackingService:
    def test_get_tracked_bounties_ignores_deleted_bounties(self):
        """Test get_tracked_bounties ignores bounties that were deleted."""
        bounty_service = BountyService(self.room_storage)
-        bounty = bounty_service.add_bounty(room_id=-1001, user_id=123, text="To delete")
+        bounty = bounty_service.add_bounty(
            room_id=-1001, user_id=123, username="admin", text="To delete"
        )
        self.service.track_bounty(-1001, 123456, bounty.id)
        # Delete the bounty
-        bounty_service.delete_bounty(-1001, bounty.id, 123)
+        bounty_service.delete_bounty(-1001, bounty.id, "admin")
        tracked = self.service.get_tracked_bounties(-1001, 123456)
        assert len(tracked) == 0  # deleted bounty not returned