feat: add /admin command to list room admins

Implement /admin command as specified in issue #50: - Lists all admin user IDs for the current room - Output format: 'Room Admins:\n- @user1\n- @user2' - Shows 'No admins configured for this room.' if none exist - Available to everyone (no permission check needed) Changes: - Add _find_username_by_user_id helper function - Update cmd_admin to support listing when called with no args - Update /help to include /admin command Closes #50
Merge pull request 'feat(/add): add admin-only and link uniqueness handling' (#77 ) from fix/issue-45-v3 into main
2026-04-04 13:07:52 +00:00 · 2026-04-04 12:59:48 +02:00 · 2026-04-04 17:59:20 +07:00 · 2026-04-04 12:53:36 +02:00 · 2026-04-04 17:52:47 +07:00 · 2026-04-04 12:18:31 +02:00
7 changed files with 620 additions and 80 deletions
--- a/adapters/storage/json_file.py
+++ b/adapters/storage/json_file.py
@@ -140,6 +140,35 @@ class JsonFileRoomStorage:

        return None

+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        """List all non-deleted bounties in a room.
+
+        This is the default method for normal queries - soft-deleted bounties
+        are excluded from results.
+        """
+        room_data = self.load(room_id)
+        if room_data is None:
+            return []
+        return [b for b in room_data.bounties if b.deleted_at is None]
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        """List all bounties including or excluding soft-deleted.
+
+        Args:
+            room_id: The room ID
+            include_deleted: If True, return all bounties including soft-deleted.
+                           If False, return only non-deleted bounties.
+                           Defaults to True for /recover functionality.
+        """
+        room_data = self.load(room_id)
+        if room_data is None:
+            return []
+        if include_deleted:
+            return room_data.bounties
+        return [b for b in room_data.bounties if b.deleted_at is None]
+

 class JsonFileTrackingStorage:
    """TrackingStorage implementation using JSON files.
--- a/apps/telegram-bot/bot.py
+++ b/apps/telegram-bot/bot.py
@@ -8,12 +8,15 @@ from telegram.ext import Application, CommandHandler, MessageHandler, filters

 from commands import (
    cmd_add,
+    cmd_admin,
    cmd_bounty,
    cmd_delete,
    cmd_edit,
    cmd_help,
    cmd_my,
+    cmd_show,
    cmd_start,
+    cmd_timezone,
    cmd_track,
    cmd_untrack,
    cmd_update,
@@ -41,6 +44,9 @@ def build_app() -> Application:
    app.add_handler(CommandHandler("delete", cmd_delete))
    app.add_handler(CommandHandler("track", cmd_track))
    app.add_handler(CommandHandler("untrack", cmd_untrack))
+    app.add_handler(CommandHandler("show", cmd_show))
+    app.add_handler(CommandHandler("timezone", cmd_timezone))
+    app.add_handler(CommandHandler("admin", cmd_admin))

    app.add_handler(MessageHandler(filters.COMMAND, cmd_help))

@@ -56,6 +62,9 @@ async def post_init(app: Application) -> None:
            ("edit", "Edit a bounty"),
            ("track", "Track a bounty"),
            ("untrack", "Stop tracking"),
+            ("show", "Show bounty details"),
+            ("timezone", "Get/set room timezone"),
+            ("admin", "Manage admins"),
            ("help", "Show help"),
        ]
    )
--- a/apps/telegram-bot/commands.py
+++ b/apps/telegram-bot/commands.py
@@ -3,6 +3,7 @@
 import time
 from functools import wraps
 from typing import Optional
+from zoneinfo import ZoneInfo, ZoneInfoNotFoundError

 import dateparser
 from telegram import Update
@@ -26,47 +27,84 @@ def extract_args(text: str) -> list[str]:
    return tokens[1:] if len(tokens) > 1 else []


-def parse_args(args: list[str]) -> tuple[Optional[str], Optional[str], Optional[int]]:
+def parse_args(
+    args: list[str],
+) -> tuple[Optional[str], Optional[str], Optional[int], bool, bool]:
    text = None
    link = None
    due_date_ts = None
+    clear_link = False
+    clear_date = False

-    remaining = []
-    for arg in args:
-        if not link and (arg.startswith("http://") or arg.startswith("https://")):
+    i = 0
+    while i < len(args):
+        arg = args[i]
+
+        if arg == "-link":
+            if i + 1 < len(args) and (
+                args[i + 1].startswith("http://") or args[i + 1].startswith("https://")
+            ):
+                link = args[i + 1]
+                i += 2
+            else:
+                clear_link = True
+                i += 1
+        elif arg == "-date":
+            if i + 1 < len(args):
+                parsed = dateparser.parse(args[i + 1])
+                if parsed:
+                    due_date_ts = int(parsed.timestamp())
+                    i += 2
+                else:
+                    clear_date = True
+                    i += 1
+            else:
+                clear_date = True
+                i += 1
+        elif not link and (arg.startswith("http://") or arg.startswith("https://")):
            link = arg
+            i += 1
        elif due_date_ts is None:
            parsed = dateparser.parse(arg)
            if parsed:
                due_date_ts = int(parsed.timestamp())
+                i += 1
            else:
-                remaining.append(arg)
+                i += 1
+                if text is None:
+                    text = arg
+                else:
+                    text = text + " " + arg
        else:
-            remaining.append(arg)
+            i += 1
+            if text is None:
+                text = arg
+            else:
+                text = text + " " + arg

-    text = " ".join(remaining) if remaining else None
-    return text, link, due_date_ts
+    return text, link, due_date_ts, clear_link, clear_date


-def format_bounty(b, show_id: bool = True) -> str:
+def format_bounty(b, show_id: bool = True, slice_length: int = 0) -> str:
    parts = []
    if show_id:
        parts.append(f"[#{b.id}]")
    if b.text:
-        parts.append(b.text)
+        text = b.text
+        if slice_length > 0 and len(text) > slice_length:
+            text = text[:slice_length] + "..."
+        parts.append(text)
    if b.link:
        parts.append(f"🔗 {b.link}")
    if b.due_date_ts:
-        due_str = time.strftime("%Y-%m-%d", time.localtime(b.due_date_ts))
+        due_str = time.strftime("%d %b %Y", time.localtime(b.due_date_ts))
        days_left = (b.due_date_ts - int(time.time())) // 86400
        if days_left < 0:
            parts.append(f"⏰ {due_str} (OVERDUE)")
        elif days_left == 0:
-            parts.append(f"⏰ {due_str} (TODAY)")
+            parts.append(f"⏰ Today (OVERDUE)")
        else:
            parts.append(f"⏰ {due_str} ({days_left}d)")
-    if b.created_by_user_id:
-        parts.append(f"by {b.created_by_user_id}")
    return " | ".join(parts)


@@ -95,13 +133,58 @@ def get_room_id(update: Update) -> int:

 async def cmd_bounty(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    room_id = get_room_id(update)
-    bounties = BOUNTY_SERVICE.list_bounties(room_id)
+    args = extract_args(update.message.text)

-    if not bounties:
-        await update.message.reply_text("No bounties yet.")
+    show_all = "all" in args
+    args = [a for a in args if a != "all"]
+
+    try:
+        limit = int(args[0]) if args else 5
+    except (ValueError, IndexError):
+        limit = 5
+
+    now = int(time.time())
+    cutoff_24h = now - 86400
+
+    all_bounties = BOUNTY_SERVICE.list_bounties(room_id)
+
+    def is_expired(b) -> bool:
+        return b.due_date_ts is not None and b.due_date_ts < cutoff_24h
+
+    def sort_key(b):
+        if b.due_date_ts is not None:
+            return (0, b.due_date_ts)
+        return (1, b.created_at)
+
+    filtered_bounties = [b for b in all_bounties if not is_expired(b) or show_all]
+    filtered_bounties.sort(key=sort_key)
+
+    total_count = len(filtered_bounties)
+    displayed_bounties = filtered_bounties[:limit]
+
+    if not displayed_bounties:
+        if show_all:
+            await update.message.reply_text("No bounties yet.")
+        else:
+            await update.message.reply_text(
+                "No active bounties. Use /bounty all to show expired."
+            )
        return

-    lines = [format_bounty(b, show_id=True) for b in bounties]
+    lines = []
+    if limit < total_count:
+        lines.append(f"Showing {limit} of {total_count} bounties:")
+        slice_length = 40
+    elif show_all and total_count > limit:
+        lines.append(f"Showing {limit} of {total_count} bounties (including expired):")
+        slice_length = 40
+    else:
+        lines.append(f"Showing {total_count} bounties:")
+        slice_length = 0
+
+    for b in displayed_bounties:
+        lines.append(format_bounty(b, show_id=True, slice_length=slice_length))
+
    await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)


@@ -111,6 +194,7 @@ async def cmd_my(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    if is_group(update):
        group_id = get_group_id(update)
        bounties = TRACKING_SERVICE.get_tracked_bounties(group_id, user_id)
+        room_id = group_id
    else:
        room_id = get_room_id(update)
        bounties = BOUNTY_SERVICE.list_bounties(room_id)
@@ -137,7 +221,7 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
        )
        return

-    text, link, due_date_ts = parse_args(args)
+    text, link, due_date_ts, _, _ = parse_args(args)
    if not text and not link:
        await update.message.reply_text("A bounty needs at least text or a link.")
        return
@@ -145,18 +229,24 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    user_id = get_user_id(update)
    room_id = get_room_id(update)

-    bounty = BOUNTY_SERVICE.add_bounty(
-        room_id=room_id,
-        user_id=user_id,
-        text=text,
-        link=link,
-        due_date_ts=due_date_ts,
-    )
+    try:
+        bounty = BOUNTY_SERVICE.add_bounty(
+            room_id=room_id,
+            user_id=user_id,
+            text=text,
+            link=link,
+            due_date_ts=due_date_ts,
+        )
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+    except ValueError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return

    due_str = ""
    if due_date_ts:
        due_str = f" | Due: {time.strftime('%Y-%m-%d', time.localtime(due_date_ts))}"
-
    await update.message.reply_text(
        f"✅ Bounty added (#{bounty.id}){due_str}",
        disable_web_page_preview=True,
@@ -167,7 +257,14 @@ async def cmd_update(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    args = extract_args(update.message.text)
    if len(args) < 1:
        await update.message.reply_text(
-            "Usage: /update <bounty_id> [text] [link] [due_date]"
+            "Usage: /update <bounty_id> [text] [link] [due_date]\n"
+            "       /update <bounty_id> -link [<url>]   - clear or set link\n"
+            "       /update <bounty_id> -date [<date>]   - clear or set date\n"
+            "Examples:\n"
+            "  /update 1 new text           - update text only\n"
+            "  /update 1 -link              - clear link\n"
+            "  /update 1 -link https://...  - set link\n"
+            "  /update 1 -link -date        - clear both link and date"
        )
        return

@@ -177,8 +274,14 @@ async def cmd_update(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
        await update.message.reply_text("Invalid bounty ID.")
        return

-    text, link, due_date_ts = parse_args(args[1:])
-    if not text and not link and due_date_ts is None:
+    text, link, due_date_ts, clear_link, clear_date = parse_args(args[1:])
+    if (
+        not text
+        and not link
+        and due_date_ts is None
+        and not clear_link
+        and not clear_date
+    ):
        await update.message.reply_text("Nothing to update.")
        return

@@ -193,10 +296,15 @@ async def cmd_update(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
            text=text,
            link=link,
            due_date_ts=due_date_ts,
+            clear_link=clear_link,
+            clear_due=clear_date,
        )
    except PermissionError as e:
        await update.message.reply_text(f"⛔ {e}")
        return
+    except ValueError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return

    if success:
        await update.message.reply_text(f"✅ Bounty #{bounty_id} updated.")
@@ -311,16 +419,186 @@ async def cmd_start(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
        )


+async def cmd_show(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    if not args:
+        await update.message.reply_text("Usage: /show <bounty_id>")
+        return
+
+    try:
+        bounty_id = int(args[0])
+    except ValueError:
+        await update.message.reply_text("Invalid bounty ID.")
+        return
+
+    room_id = get_room_id(update)
+    bounty = BOUNTY_SERVICE.get_bounty(room_id, bounty_id)
+
+    if not bounty:
+        await update.message.reply_text("Bounty not found.")
+        return
+
+    timezone = BOUNTY_SERVICE.get_timezone(room_id)
+
+    lines = []
+
+    title = bounty.text or "(no text)"
+    lines.append(f"[#{bounty.id}] {title}")
+
+    if bounty.link:
+        lines.append(f"🔗 {bounty.link}")
+
+    if bounty.due_date_ts:
+        due_str = time.strftime("%d %B %Y %H:%M", time.localtime(bounty.due_date_ts))
+        lines.append(f"📅 {due_str} ({timezone})")
+
+    username = bounty.created_by_username or f"user#{bounty.created_by_user_id}"
+    lines.append(f"👤 @{username}")
+
+    created_str = time.strftime("%Y-%m-%d %H:%M", time.localtime(bounty.created_at))
+    lines.append(f"📌 Created: {created_str}")
+
+    await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
+
+
+async def cmd_timezone(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    room_id = get_room_id(update)
+    user_id = get_user_id(update)
+
+    if not args:
+        current_tz = BOUNTY_SERVICE.get_timezone(room_id)
+        await update.message.reply_text(f"Current timezone: {current_tz}")
+        return
+
+    timezone_str = args[0]
+
+    try:
+        ZoneInfo(timezone_str)
+    except (KeyError, ZoneInfoNotFoundError):
+        await update.message.reply_text(
+            "⛔ Invalid timezone. Use IANA format (e.g., Asia/Jakarta)"
+        )
+        return
+
+    try:
+        BOUNTY_SERVICE.set_timezone(room_id, timezone_str, user_id)
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+
+    await update.message.reply_text(f"✅ Timezone set to {timezone_str}.")
+
+
+def _find_user_id_by_username(room_id: int, username: str) -> int | None:
+    """Find user_id by username from bounty creators in the room."""
+    bounties = BOUNTY_SERVICE.list_bounties(room_id)
+    for bounty in bounties:
+        if (
+            bounty.created_by_username
+            and bounty.created_by_username.lower() == username.lower()
+        ):
+            return bounty.created_by_user_id
+    return None
+
+
+def _find_username_by_user_id(room_id: int, user_id: int) -> str | None:
+    """Find username by user_id from bounty creators in the room."""
+    bounties = BOUNTY_SERVICE.list_bounties(room_id)
+    for bounty in bounties:
+        if bounty.created_by_user_id == user_id:
+            return bounty.created_by_username
+    return None
+
+
+async def cmd_admin(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+
+    # Handle /admin with no subcommand (list admins)
+    if not args or args[0] == "list":
+        room_id = get_room_id(update)
+        admin_ids = BOUNTY_SERVICE.list_admins(room_id)
+
+        if not admin_ids:
+            await update.message.reply_text("No admins configured for this room.")
+            return
+
+        lines = ["Room Admins:"]
+        for admin_id in admin_ids:
+            username = _find_username_by_user_id(room_id, admin_id)
+            if username:
+                lines.append(f"- @{username}")
+            else:
+                lines.append(f"- user#{admin_id}")
+
+        await update.message.reply_text("\n".join(lines))
+        return
+
+    if args[0] not in ("add", "remove"):
+        await update.message.reply_text(
+            "Usage:\n"
+            "/admin — list admins\n"
+            "/admin add @username — add admin\n"
+            "/admin remove @username — remove admin"
+        )
+        return
+
+    subcommand = args[0]
+
+    if len(args) < 2:
+        await update.message.reply_text(f"Usage: /admin {subcommand} @username")
+        return
+
+    raw_username = args[1]
+    if not raw_username.startswith("@"):
+        await update.message.reply_text(f"Usage: /admin {subcommand} @username")
+        return
+
+    username = raw_username[1:]
+
+    user_id = get_user_id(update)
+    room_id = get_room_id(update)
+
+    if not BOUNTY_SERVICE.is_admin(room_id, user_id):
+        await update.message.reply_text("⛔ Only admins can perform this action.")
+        return
+
+    target_user_id = _find_user_id_by_username(room_id, username)
+
+    if target_user_id is None:
+        await update.message.reply_text(f"⛔ User @{username} not found.")
+        return
+
+    try:
+        if subcommand == "add":
+            BOUNTY_SERVICE.add_admin(room_id, target_user_id, user_id)
+            await update.message.reply_text(f"✅ @{username} is now an admin.")
+        elif subcommand == "remove":
+            BOUNTY_SERVICE.remove_admin(room_id, target_user_id, user_id)
+            await update.message.reply_text(f"✅ @{username} is no longer an admin.")
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+
+
 async def cmd_help(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    await update.message.reply_text(
        "👻 JIGAIDO Commands:\n\n"
        "/bounty — list all bounties\n"
        "/my — bounties you're tracking\n"
        "/add <text> [link] [due] — add bounty\n"
-        "/update <id> [text> [link] [due] — update bounty\n"
-        "/delete <id> — delete bounty\n"
+        "/update <id> [text] [link] [due] — update bounty\n"
+        "/edit <id> [text] [link] [due] — edit bounty (same as update)\n"
+        "  /edit <id> -link [<url>]  — clear or set link\n"
+        "  /edit <id> -date [<date>] — clear or set date\n"
+        "/delete <id> — delete bounty (admin only)\n"
        "/track <id> — track a bounty (groups only)\n"
        "/untrack <id> — stop tracking (groups only)\n"
+        "/show <id> — show bounty details\n"
+        "/timezone — get room timezone\n"
+        "/timezone <tz> — set room timezone (admin only)\n"
+        "/admin — list room admins\n"
+        "/admin add @username — add admin (admin only)\n"
+        "/admin remove @username — remove admin (admin only)\n"
        "/start — re-initialize\n"
        "/help — this message",
        disable_web_page_preview=True,
--- a/core/ports.py
+++ b/core/ports.py
@@ -40,6 +40,25 @@ class RoomStorage(Protocol):
        """Get a specific bounty from a room by ID."""
        ...

+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        """List all non-deleted bounties in a room.
+
+        Soft-deleted bounties (where deleted_at is not None) are excluded.
+        """
+        ...
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        """List all bounties including or excluding soft-deleted.
+
+        Args:
+            room_id: The room ID
+            include_deleted: If True, return all bounties including soft-deleted.
+                           If False, return only non-deleted bounties.
+        """
+        ...
+

@runtime_checkable
 class TrackingStorage(Protocol):
--- a/core/services.py
+++ b/core/services.py
@@ -15,11 +15,103 @@ class BountyService:
    - Positive room_id: DM/personal context (user's Telegram ID)

    This service handles both group and personal bounties through room_id.
+
+    Permissions:
+    - /add, /edit, /delete: admin only
+    - /admin, /admin add, /admin remove: admin only
+    - /bounty, /show, /track, /untrack, /my: everyone
    """

    def __init__(self, storage: RoomStorage):
        self._storage = storage

+    def is_admin(self, room_id: int, user_id: int) -> bool:
+        """Check if user is admin in a room."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return False
+        return user_id in (room_data.admin_user_ids or [])
+
+    def add_admin(
+        self, room_id: int, admin_user_id: int, requesting_user_id: int
+    ) -> None:
+        """Add an admin to a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can add admins.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=1, admin_user_ids=[]
+            )
+
+        if admin_user_id not in (room_data.admin_user_ids or []):
+            (room_data.admin_user_ids or []).append(admin_user_id)
+            self._storage.save(room_data)
+
+    def remove_admin(
+        self, room_id: int, admin_user_id: int, requesting_user_id: int
+    ) -> None:
+        """Remove an admin from a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can remove admins.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return
+
+        if admin_user_id in (room_data.admin_user_ids or []):
+            (room_data.admin_user_ids or []).remove(admin_user_id)
+            self._storage.save(room_data)
+
+    def list_admins(self, room_id: int) -> list[int]:
+        """List all admin user IDs in a room."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return []
+        return list(room_data.admin_user_ids or [])
+
+    def set_timezone(
+        self, room_id: int, timezone: str, requesting_user_id: int
+    ) -> None:
+        """Set the timezone for a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can set timezone.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=1, admin_user_ids=[]
+            )
+
+        room_data.timezone = timezone
+        self._storage.save(room_data)
+
+    def get_timezone(self, room_id: int) -> str:
+        """Get the timezone for a room. Returns UTC+0 if not set."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return "UTC+0"
+        return room_data.timezone or "UTC+0"
+
+    def check_link_unique(
+        self, room_id: int, link: str | None, exclude_bounty_id: int | None = None
+    ) -> bool:
+        """Check if a link is unique within a room (not used by another bounty)."""
+        if not link:
+            return True
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return True
+
+        for bounty in room_data.bounties:
+            if bounty.deleted_at is not None:
+                continue
+            if bounty.link == link and bounty.id != exclude_bounty_id:
+                return False
+        return True
+
    def add_bounty(
        self,
        room_id: int,
@@ -28,7 +120,13 @@ class BountyService:
        link: Optional[str] = None,
        due_date_ts: Optional[int] = None,
    ) -> Bounty:
-        """Add a new bounty to the room."""
+        """Add a new bounty to the room. Requires admin permission."""
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can add bounties.")
+
+        if not self.check_link_unique(room_id, link):
+            raise ValueError("A bounty with this link already exists in this room.")
+
        room_data = self._storage.load(room_id)
        if room_data is None:
            room_data = RoomData(room_id=room_id, bounties=[], next_id=1)
@@ -47,15 +145,20 @@ class BountyService:
        return bounty

    def list_bounties(self, room_id: int) -> list[Bounty]:
-        """List all bounties in a room."""
-        room_data = self._storage.load(room_id)
-        if room_data is None:
-            return []
-        return room_data.bounties
+        """List all non-deleted bounties in a room."""
+        return self._storage.list_bounties(room_id)
+
+    def list_deleted_bounties(self, room_id: int) -> list[Bounty]:
+        """List all soft-deleted bounties in a room. For /recover functionality."""
+        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
+        return [b for b in all_bounties if b.deleted_at is not None]

    def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
-        """Get a specific bounty by ID."""
-        return self._storage.get_bounty(room_id, bounty_id)
+        """Get a specific bounty by ID. Excludes soft-deleted bounties."""
+        bounty = self._storage.get_bounty(room_id, bounty_id)
+        if bounty and bounty.deleted_at is not None:
+            return None
+        return bounty

    def update_bounty(
        self,
@@ -68,12 +171,17 @@ class BountyService:
        clear_link: bool = False,
        clear_due: bool = False,
    ) -> bool:
-        """Update a bounty. Only creator can update."""
+        """Update a bounty. Only admins can update."""
        bounty = self._storage.get_bounty(room_id, bounty_id)
        if not bounty:
            return False
-        if bounty.created_by_user_id != user_id:
-            raise PermissionError("Only the creator can edit this bounty.")
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can edit bounties.")
+
+        if link and not self.check_link_unique(
+            room_id, link, exclude_bounty_id=bounty_id
+        ):
+            raise ValueError("A bounty with this link already exists in this room.")

        updated = Bounty(
            id=bounty.id,
@@ -84,19 +192,22 @@ class BountyService:
            if clear_due
            else (due_date_ts if due_date_ts is not None else bounty.due_date_ts),
            created_at=bounty.created_at,
+            deleted_at=bounty.deleted_at,
+            created_by_username=bounty.created_by_username,
        )
        self._storage.update_bounty(room_id, updated)
        return True

    def delete_bounty(self, room_id: int, bounty_id: int, user_id: int) -> bool:
-        """Delete a bounty. Only creator can delete."""
+        """Soft delete a bounty. Only admins can delete."""
        bounty = self._storage.get_bounty(room_id, bounty_id)
        if not bounty:
            return False
-        if bounty.created_by_user_id != user_id:
-            raise PermissionError("Only the creator can delete this bounty.")
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can delete bounties.")

-        self._storage.delete_bounty(room_id, bounty_id)
+        bounty.deleted_at = int(time.time())
+        self._storage.update_bounty(room_id, bounty)
        return True


@@ -147,7 +258,7 @@ class TrackingService:
        if room_data is None:
            return []

-        bounty_map = {b.id: b for b in room_data.bounties}
+        bounty_map = {b.id: b for b in room_data.bounties if b.deleted_at is None}
        return [
            bounty_map[t.bounty_id]
            for t in tracking_data.tracked
--- a/tests/test_ports.py
+++ b/tests/test_ports.py
@@ -48,6 +48,20 @@ class SimpleRoomStorage:
                    return b
        return None

+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        if include_deleted:
+            return self._rooms[room_id].bounties
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+

 class SimpleTrackingStorage:
    """Minimal mock without ensure_tracking - tests if track_bounty works without it.
@@ -119,6 +133,20 @@ class MockRoomStorage:
                    return b
        return None

+    def list_bounties(self, room_id: int) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+
+    def list_all_bounties(
+        self, room_id: int, include_deleted: bool = True
+    ) -> list[Bounty]:
+        if room_id not in self._rooms:
+            return []
+        if include_deleted:
+            return self._rooms[room_id].bounties
+        return [b for b in self._rooms[room_id].bounties if b.deleted_at is None]
+

 class MockTrackingStorage:
    """Mock implementation of TrackingStorage for testing."""
--- a/tests/test_services.py
+++ b/tests/test_services.py
@@ -15,18 +15,32 @@ class TestBountyService:
        """Set up fresh storage and service for each test."""
        self.storage = MockRoomStorage()
        self.service = BountyService(self.storage)
+        self.admin_user_id = 123
+        self._make_admin(-1001, self.admin_user_id)
+
+    def _make_admin(self, room_id: int, user_id: int):
+        """Helper to set up a room with an admin user."""
+        room_data = self.storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=0, admin_user_ids=[]
+            )
+        if user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids = room_data.admin_user_ids or []
+            room_data.admin_user_ids.append(user_id)
+        self.storage.save(room_data)

    def test_add_bounty_creates_room_if_not_exists(self):
        """Test that add_bounty creates a new room if it doesn't exist."""
        bounty = self.service.add_bounty(
            room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
            text="Fix bug",
            link="https://github.com/issue/1",
        )
        assert bounty.id == 1
        assert bounty.text == "Fix bug"
-        assert bounty.created_by_user_id == 123
+        assert bounty.created_by_user_id == self.admin_user_id

        room = self.storage.load(-1001)
        assert room is not None
@@ -34,14 +48,25 @@ class TestBountyService:

    def test_add_bounty_increments_id(self):
        """Test that add_bounty increments bounty ID for each new bounty."""
-        b1 = self.service.add_bounty(room_id=-1001, user_id=123, text="First")
-        b2 = self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
-        b3 = self.service.add_bounty(room_id=-1001, user_id=123, text="Third")
+        b1 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="First"
+        )
+        b2 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Second"
+        )
+        b3 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Third"
+        )

        assert b1.id == 1
        assert b2.id == 2
        assert b3.id == 3

+    def test_add_bounty_requires_admin(self):
+        """Test that add_bounty raises PermissionError when non-admin tries to add."""
+        with pytest.raises(PermissionError, match="Only admins can add bounties"):
+            self.service.add_bounty(room_id=-1001, user_id=999, text="Not admin")
+
    def test_list_bounties_empty_room(self):
        """Test list_bounties returns empty list for non-existent room."""
        bounties = self.service.list_bounties(-1001)
@@ -49,9 +74,15 @@ class TestBountyService:

    def test_list_bounties_returns_all_bounties(self):
        """Test list_bounties returns all bounties in a room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="First")
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
-        self.service.add_bounty(room_id=-999, user_id=123, text="Other room")
+        self.service.add_bounty(room_id=-1001, user_id=self.admin_user_id, text="First")
+        self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Second"
+        )
+        # Add bounty to different room to verify isolation
+        self._make_admin(-999, self.admin_user_id)
+        self.service.add_bounty(
+            room_id=-999, user_id=self.admin_user_id, text="Other room"
+        )

        bounties = self.service.list_bounties(-1001)
        assert len(bounties) == 2
@@ -59,7 +90,9 @@ class TestBountyService:

    def test_get_bounty_found(self):
        """Test get_bounty returns bounty when it exists."""
-        created = self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        created = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Test"
+        )
        found = self.service.get_bounty(-1001, created.id)
        assert found is not None
        assert found.text == "Test"
@@ -71,31 +104,35 @@ class TestBountyService:

    def test_get_bounty_wrong_room(self):
        """Test get_bounty returns None when bounty is in different room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        self.service.add_bounty(room_id=-1001, user_id=self.admin_user_id, text="Test")
        found = self.service.get_bounty(-999, 1)  # room -999 doesn't have bounty 1
        assert found is None

    def test_update_bounty_success(self):
-        """Test update_bounty succeeds when creator updates their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
+        """Test update_bounty succeeds when admin updates their bounty."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Original"
+        )
        result = self.service.update_bounty(
            room_id=-1001,
            bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
            text="Updated",
        )
        assert result is True
        updated = self.service.get_bounty(-1001, bounty.id)
        assert updated.text == "Updated"

-    def test_update_bounty_not_creator_raises_permission_error(self):
-        """Test update_bounty raises PermissionError when non-creator tries to update."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
-        with pytest.raises(PermissionError, match="Only the creator can edit"):
+    def test_update_bounty_not_admin_raises_permission_error(self):
+        """Test update_bounty raises PermissionError when non-admin tries to update."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Original"
+        )
+        with pytest.raises(PermissionError, match="Only admins can edit bounties"):
            self.service.update_bounty(
                room_id=-1001,
                bounty_id=bounty.id,
-                user_id=999,  # different user
+                user_id=999,  # different user, not admin
                text="Hacked",
            )

@@ -104,7 +141,7 @@ class TestBountyService:
        result = self.service.update_bounty(
            room_id=-1001,
            bounty_id=999,
-            user_id=123,
+            user_id=self.admin_user_id,
            text="Updated",
        )
        assert result is False
@@ -113,14 +150,14 @@ class TestBountyService:
        """Test update_bounty only updates provided fields."""
        bounty = self.service.add_bounty(
            room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
            text="Original",
            link="https://original.link",
        )
        self.service.update_bounty(
            room_id=-1001,
            bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
            text="Updated only text",
        )
        updated = self.service.get_bounty(-1001, bounty.id)
@@ -131,35 +168,46 @@ class TestBountyService:
        """Test update_bounty can clear link."""
        bounty = self.service.add_bounty(
            room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
            text="Test",
            link="https://original.link",
        )
        self.service.update_bounty(
            room_id=-1001,
            bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
            clear_link=True,
        )
        updated = self.service.get_bounty(-1001, bounty.id)
        assert updated.link is None

    def test_delete_bounty_success(self):
-        """Test delete_bounty succeeds when creator deletes their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
-        result = self.service.delete_bounty(-1001, bounty.id, 123)
+        """Test delete_bounty soft deletes when admin deletes their bounty."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        result = self.service.delete_bounty(-1001, bounty.id, self.admin_user_id)
        assert result is True
+        # Soft delete - bounty should not be found via get_bounty
        assert self.service.get_bounty(-1001, bounty.id) is None
+        # But still exists in list_deleted_bounties
+        deleted = self.service.list_deleted_bounties(-1001)
+        assert len(deleted) == 1
+        assert deleted[0].id == bounty.id

-    def test_delete_bounty_not_creator_raises_permission_error(self):
-        """Test delete_bounty raises PermissionError when non-creator tries to delete."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
-        with pytest.raises(PermissionError, match="Only the creator can delete"):
-            self.service.delete_bounty(-1001, bounty.id, 999)  # different user
+    def test_delete_bounty_not_admin_raises_permission_error(self):
+        """Test delete_bounty raises PermissionError when non-admin tries to delete."""
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        with pytest.raises(PermissionError, match="Only admins can delete bounties"):
+            self.service.delete_bounty(
+                -1001, bounty.id, 999
+            )  # different user, not admin

    def test_delete_bounty_not_found(self):
        """Test delete_bounty returns False when bounty doesn't exist."""
-        result = self.service.delete_bounty(-1001, 999, 123)
+        result = self.service.delete_bounty(-1001, 999, self.admin_user_id)
        assert result is False


@@ -171,9 +219,27 @@ class TestTrackingService:
        self.room_storage = MockRoomStorage()
        self.tracking_storage = MockTrackingStorage()
        self.service = TrackingService(self.tracking_storage, self.room_storage)
+        self.admin_user_id = 123
+        self._make_admin(-1001, self.admin_user_id)
+
+    def _make_admin(self, room_id: int, user_id: int):
+        """Helper to set up a room with an admin user."""
+        room_data = self.room_storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=0, admin_user_ids=[]
+            )
+        if user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids = room_data.admin_user_ids or []
+            room_data.admin_user_ids.append(user_id)
+        self.room_storage.save(room_data)

    def _add_bounty(self, room_id=-1001, user_id=123, text="Test bounty"):
        """Helper to add a bounty for tracking tests."""
+        if self.room_storage.load(room_id) is None or user_id not in (
+            self.room_storage.load(room_id).admin_user_ids or []
+        ):
+            self._make_admin(room_id, user_id)
        bounty_service = BountyService(self.room_storage)
        return bounty_service.add_bounty(room_id=room_id, user_id=user_id, text=text)
Author	SHA1	Message	Date
shokollm	5e9ec3a5ec	feat: add /admin command to list room admins Implement /admin command as specified in issue #50: - Lists all admin user IDs for the current room - Output format: 'Room Admins:\n- @user1\n- @user2' - Shows 'No admins configured for this room.' if none exist - Available to everyone (no permission check needed) Changes: - Add _find_username_by_user_id helper function - Update cmd_admin to support listing when called with no args - Update /help to include /admin command Closes #50	2026-04-04 13:07:52 +00:00
shoko	003c570cfb	Merge pull request 'feat(/add): add admin-only and link uniqueness handling' (#77 ) from fix/issue-45-v3 into main	2026-04-04 12:59:48 +02:00
shokollm	bac6830fc3	feat(/add): add admin-only and link uniqueness handling Wrap add_bounty call in try-except to handle PermissionError and ValueError from admin check and link uniqueness check. Fixes #45	2026-04-04 17:59:20 +07:00
shoko	2dd11a8b48	Merge pull request 'feat: remove "by user" from bounty list display' (#76 ) from fix/issue-55 into main	2026-04-04 12:53:36 +02:00
shokollm	2617d17e28	feat: remove "by user" from bounty list display Removes created_by_user_id from format_bounty() output. Fixes #55	2026-04-04 17:52:47 +07:00
shoko	b091153f10	Merge pull request 'feat: implement /admin add\|remove @username command' (#75 ) from fix/issue-51-v2 into main	2026-04-04 12:18:31 +02:00
shokollm	ce864d9fdc	feat: implement /admin add\|remove @username command - Add cmd_admin handler for /admin add\|remove @username - Add _find_user_id_by_username helper to resolve usernames from bounty creators - Register admin command handler in bot.py - Add 'admin' to bot command list - Addresses issue #51	2026-04-04 08:20:35 +00:00
shoko	e805a6428a	Merge pull request 'feat: implement /timezone command to get/set room timezone' (#72 ) from fix/issue-53 into main	2026-04-04 10:15:42 +02:00
shokollm	6da16e752b	feat: implement /timezone command to get/set room timezone Re-implement the timezone command that was reverted. - Add cmd_timezone function with get/set functionality - Validate timezone using zoneinfo (IANA format) - Admin-only permission via service layer - Update help text and bot command list - Fix indentation bug in cmd_add (duplicate lines) Fixes #53	2026-04-04 08:14:58 +00:00
shoko	e3b813661d	Merge pull request 'feat(/bounty): add pagination, sorting, and filtering' (#62 ) from fix/issue-48-bounty-pagination into main	2026-04-04 10:09:29 +02:00
shoko	bdb0f3cd8b	Merge pull request 'feat: implement /show command to display full bounty details' (#59 ) from fix/issue-44 into main	2026-04-04 10:09:28 +02:00
shokollm	649b1ffbd3	revert: remove timezone command and revert date format to simple YYYY-MM-DD This reverts: - cmd_timezone function (issue #67) - format_due_date with human-readable dates (issue #68) - Reverts date display back to time.strftime("%Y-%m-%d") - Keeps /edit command with -link/-date flags (issue #46)	2026-04-04 15:05:29 +07:00
shokollm	b8f6b98836	Merge pull request #61 from fix/issue-46	2026-04-04 07:40:59 +00:00
shokollm	c005ee341a	Revert "Merge pull request 'feat: add multi-ID delete support with per-ID results' (#63 ) from fix/issue-47 into main" This reverts commit `bd2627efe9`, reversing changes made to `42ed551554`.	2026-04-04 07:24:03 +00:00
shoko	922858a81a	Merge pull request 'feat: human-readable date format with timezone awareness' (#68 ) from fix/issue-54 into main	2026-04-04 09:20:43 +02:00
shokollm	f521a682c5	feat: human-readable date format with timezone awareness - Add format_due_date() function that formats dates as '4 April 2026' or '4 April 2026 14:30 (Asia/Jakarta)' with timezone support - Update format_bounty() to use timezone-aware date formatting - Update cmd_bounty, cmd_my, cmd_add to pass room_id for timezone - Dates now display in room's configured timezone - Fixes #54	2026-04-04 07:19:18 +00:00
shoko	015df15bd5	Merge pull request 'feat: implement /timezone command to get/set room timezone' (#67 ) from feat/issue-53-timezone into main	2026-04-04 09:13:41 +02:00
shokollm	eed3ab33ae	feat: implement /timezone command to get/set room timezone - Add cmd_timezone handler for /timezone command - Validate timezone using IANA format (zoneinfo.ZoneInfo) - Use existing BountyService.get_timezone and set_timezone methods - Admin-only permission via service layer - Update help text and bot command list - Fixes #53	2026-04-04 07:12:23 +00:00
shoko	bd2627efe9	Merge pull request 'feat: add multi-ID delete support with per-ID results' (#63 ) from fix/issue-47 into main	2026-04-04 08:54:55 +02:00
shokollm	8069ed6465	feat: add multi-ID delete support with per-ID results - Add delete_bounties method to BountyService that returns individual results per bounty ID (deleted, not_found, permission_denied) - Update cmd_delete to accept multiple IDs and show per-ID messages - Add tests for delete_bounties Example output: /delete 1 2 3 ✅ Bounty #1 deleted. ✅ Bounty #2 deleted. ⛔ Bounty #3 not found. Fixes #47	2026-04-04 06:39:11 +00:00
shokollm	d38d47fb79	feat(/bounty): add pagination, sorting, and filtering - Default shows 5 bounties per page - /bounty 10 - show 10 bounties - /bounty all - show all active (exclude overdue >24h) - /bounty all 10 - show 10 including expired Filtering: - Overdue >24h filtered out by default - 'all' flag includes overdue Sorting: - Bounties with due date sorted by due_date_ts (earliest first) - Bounties without due date shown last, sorted by created_at Output format updated: - Header shows 'Showing X of Y bounties' - Description sliced to 40 chars when showing pagination info - Date format changed to '4 Apr 2026' style Fixes #48	2026-04-04 05:54:56 +00:00
shokollm	a06e1327fb	feat(/edit): per-argument updates + clear syntax + admin-only - Add -link and -date flags to /edit command for field clearing - /edit <id> -link - clear link - /edit <id> -date - clear date - /edit <id> -link <url> - set link - /edit <id> -date <date> - set date - /edit <id> text -link - update text, clear link - /edit <id> text <url> - update text and set link - Parse_args now returns (text, link, due_date_ts, clear_link, clear_date) - Update usage messages and help text - Fixes #46	2026-04-04 05:51:56 +00:00
shokollm	780cba6301	feat: implement /show command to display full bounty details - Add cmd_show function to display bounty details including: - ID and full text (not sliced) - Link if exists - Due date formatted with room timezone - Created by username - Created at timestamp - Register show command handler in bot.py - Add show command to help text and bot command list - Fixes #44	2026-04-04 05:43:50 +00:00
shoko	42ed551554	Merge pull request 'feat: implement service layer for Phase 2' (#58 ) from fix/issue-43 into main	2026-04-04 07:36:09 +02:00
shokollm	af7774ef03	feat: implement service layer for Phase 2 - admin management, timezone, soft delete BountyService: - Add is_admin(), add_admin(), remove_admin(), list_admins() - Add set_timezone(), get_timezone() - Add check_link_unique(), list_deleted_bounties() - Modify add_bounty() to check link uniqueness and require admin - Modify update_bounty() to require admin permission (not creator) - Modify delete_bounty() to perform soft delete (set deleted_at) - get_bounty() now filters out soft-deleted bounties - list_bounties() uses storage.list_bounties() which excludes soft-deleted TrackingService: - get_tracked_bounties() now filters out soft-deleted bounties Tests updated to reflect new admin-only permissions and soft delete behavior.	2026-04-04 05:27:40 +00:00
shoko	0a64b4f310	Merge pull request 'feat: add list_bounties and list_all_bounties methods to storage adapter' (#57 ) from fix/issue-42 into main	2026-04-04 07:17:07 +02:00
shokollm	ed0d31bc04	feat: add list_bounties and list_all_bounties methods to storage adapter Add filtering methods to JsonFileRoomStorage for Phase 2 soft delete support: - list_bounties(room_id): returns only non-deleted bounties for normal queries - list_all_bounties(room_id, include_deleted=True): returns all bounties for /recover Update RoomStorage protocol to include the new methods. Update mock classes in tests to pass isinstance checks. Fixes #42	2026-04-04 05:12:19 +00:00
shoko	d413f6ce13	Merge pull request 'feat: Model updates - add deleted_at, timezone, admin_user_ids fields' (#56 ) from fix/issue-41 into main	2026-04-04 07:08:28 +02:00