Merge main into fix/issue-45-add-command-update: resolve conflict with room_id param

This reverts commit bd2627efe9, reversing
changes made to 42ed551554.

apps/telegram-bot/bot.py

@@ -14,6 +14,7 @@ from commands import (
     cmd_help,
     cmd_my,
     cmd_start,
+    cmd_timezone,
     cmd_track,
     cmd_untrack,
     cmd_update,
@@ -41,6 +42,7 @@ def build_app() -> Application:
     app.add_handler(CommandHandler("delete", cmd_delete))
     app.add_handler(CommandHandler("track", cmd_track))
     app.add_handler(CommandHandler("untrack", cmd_untrack))
+    app.add_handler(CommandHandler("timezone", cmd_timezone))
 
     app.add_handler(MessageHandler(filters.COMMAND, cmd_help))
 
@@ -56,6 +58,7 @@ async def post_init(app: Application) -> None:
             ("edit", "Edit a bounty"),
             ("track", "Track a bounty"),
             ("untrack", "Stop tracking"),
+            ("timezone", "Get/set room timezone"),
             ("help", "Show help"),
         ]
     )

apps/telegram-bot/commands.py

@@ -1,8 +1,10 @@
 """Telegram command handlers for JIGAIDO - Thin wrappers around core services."""
 
 import time
+from datetime import datetime
 from functools import wraps
 from typing import Optional
+from zoneinfo import ZoneInfo, ZoneInfoNotFoundError
 
 import dateparser
 from telegram import Update
@@ -19,6 +21,34 @@ TRACKING_SERVICE = TrackingService(TRACKING_STORAGE, ROOM_STORAGE)
 TELEGRAM_BOT_USERNAME = "your_bot_username"
 
 
+def format_due_date(due_date_ts: int | None, timezone_str: str) -> str:
+    """Format due date as human-readable with timezone.
+
+    Examples:
+        No due date:     (none shown)
+        Date only:       4 April 2026
+        Date + time:     4 April 2026 14:30
+        With timezone:   4 April 2026 14:30 (Asia/Jakarta)
+    """
+    if not due_date_ts:
+        return ""
+
+    try:
+        tz = ZoneInfo(timezone_str)
+    except (KeyError, ZoneInfoNotFoundError):
+        tz = ZoneInfo("UTC")
+
+    dt = datetime.fromtimestamp(due_date_ts, tz=tz)
+
+    date_str = dt.strftime("%-d %B %Y")
+
+    if dt.hour != 0 or dt.minute != 0:
+        date_str += f" {dt.strftime('%H:%M')}"
+        date_str += f" ({timezone_str})"
+
+    return date_str
+
+
 def extract_args(text: str) -> list[str]:
     if not text:
         return []
@@ -32,23 +62,53 @@ def parse_args(args: list[str]) -> tuple[Optional[str], Optional[str], Optional[
     due_date_ts = None
 
     remaining = []
-    for arg in args:
+    i = 0
+    while i < len(args):
+        arg = args[i]
         if not link and (arg.startswith("http://") or arg.startswith("https://")):
             link = arg
         elif due_date_ts is None:
             parsed = dateparser.parse(arg)
             if parsed:
                 due_date_ts = int(parsed.timestamp())
+                if i + 1 < len(args) and _is_time_format(args[i + 1]):
+                    time_str = args[i + 1]
+                    hour, minute = map(int, time_str.split(":"))
+                    due_date_ts = _set_time_on_timestamp(due_date_ts, hour, minute)
+                    i += 1
             else:
                 remaining.append(arg)
         else:
             remaining.append(arg)
+        i += 1
 
     text = " ".join(remaining) if remaining else None
     return text, link, due_date_ts
 
 
-def format_bounty(b, show_id: bool = True) -> str:
+def _is_time_format(s: str) -> bool:
+    """Check if string matches HH:MM format."""
+    if not s or len(s) != 5:
+        return False
+    if s[2] != ":":
+        return False
+    try:
+        h, m = map(int, s.split(":"))
+        return 0 <= h <= 23 and 0 <= m <= 59
+    except ValueError:
+        return False
+
+
+def _set_time_on_timestamp(ts: int, hour: int, minute: int) -> int:
+    """Set time (hour:minute) on a Unix timestamp, keeping the date."""
+    import datetime
+
+    dt = datetime.datetime.fromtimestamp(ts)
+    dt = dt.replace(hour=hour, minute=minute, second=0, microsecond=0)
+    return int(dt.timestamp())
+
+
+def format_bounty(b, show_id: bool = True, room_id: int | None = None) -> str:
     parts = []
     if show_id:
         parts.append(f"[#{b.id}]")
@@ -57,7 +117,11 @@ def format_bounty(b, show_id: bool = True) -> str:
     if b.link:
         parts.append(f"🔗 {b.link}")
     if b.due_date_ts:
-        due_str = time.strftime("%Y-%m-%d", time.localtime(b.due_date_ts))
+        timezone_str = "UTC"
+        if room_id is not None:
+            timezone_str = BOUNTY_SERVICE.get_timezone(room_id)
+
+        due_str = format_due_date(b.due_date_ts, timezone_str)
         days_left = (b.due_date_ts - int(time.time())) // 86400
         if days_left < 0:
             parts.append(f"⏰ {due_str} (OVERDUE)")
@@ -101,7 +165,7 @@ async def cmd_bounty(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         await update.message.reply_text("No bounties yet.")
         return
 
-    lines = [format_bounty(b, show_id=True) for b in bounties]
+    lines = [format_bounty(b, show_id=True, room_id=room_id) for b in bounties]
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
 
@@ -111,6 +175,7 @@ async def cmd_my(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     if is_group(update):
         group_id = get_group_id(update)
         bounties = TRACKING_SERVICE.get_tracked_bounties(group_id, user_id)
+        room_id = group_id
     else:
         room_id = get_room_id(update)
         bounties = BOUNTY_SERVICE.list_bounties(room_id)
@@ -124,7 +189,7 @@ async def cmd_my(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         await update.message.reply_text(msg)
         return
 
-    lines = [format_bounty(b, show_id=True) for b in bounties]
+    lines = [format_bounty(b, show_id=True, room_id=room_id) for b in bounties]
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
 
@@ -132,8 +197,8 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     args = extract_args(update.message.text)
     if not args:
         await update.message.reply_text(
-            "Usage: /add <text> [link] [due_date]\n"
+            "Usage: /add <text> [link] [date] [time]\n"
-            "Example: /add Fix the bug https://github.com/foo/bar tomorrow"
+            "Example: /add Fix bug https://github.com/foo/bar april 15 14:30"
         )
         return
 
@@ -145,6 +210,7 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     user_id = get_user_id(update)
     room_id = get_room_id(update)
 
+    try:
         bounty = BOUNTY_SERVICE.add_bounty(
             room_id=room_id,
             user_id=user_id,
@@ -152,10 +218,17 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
             link=link,
             due_date_ts=due_date_ts,
         )
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+    except ValueError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
 
     due_str = ""
     if due_date_ts:
-        due_str = f" | Due: {time.strftime('%Y-%m-%d', time.localtime(due_date_ts))}"
+        timezone_str = BOUNTY_SERVICE.get_timezone(room_id)
+        due_str = f" | Due: {format_due_date(due_date_ts, timezone_str)}"
 
     await update.message.reply_text(
         f"✅ Bounty added (#{bounty.id}){due_str}",
@@ -316,12 +389,42 @@ async def cmd_help(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         "👻 JIGAIDO Commands:\n\n"
         "/bounty — list all bounties\n"
         "/my — bounties you're tracking\n"
-        "/add <text> [link] [due] — add bounty\n"
+        "/add <text> [link] [date] [time] — add bounty (admin only)\n"
-        "/update <id> [text> [link] [due] — update bounty\n"
+        "/update <id> [text] [link] [due] — update bounty (admin only)\n"
-        "/delete <id> — delete bounty\n"
+        "/delete <id> — delete bounty (admin only)\n"
         "/track <id> — track a bounty (groups only)\n"
         "/untrack <id> — stop tracking (groups only)\n"
+        "/timezone [tz] — get/set room timezone (admin only)\n"
         "/start — re-initialize\n"
         "/help — this message",
         disable_web_page_preview=True,
     )
+
+
+async def cmd_timezone(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    room_id = get_room_id(update)
+    user_id = get_user_id(update)
+
+    if not args:
+        current_tz = BOUNTY_SERVICE.get_timezone(room_id)
+        await update.message.reply_text(f"Current timezone: {current_tz}")
+        return
+
+    timezone_str = args[0]
+
+    try:
+        ZoneInfo(timezone_str)
+    except (KeyError, ZoneInfoNotFoundError):
+        await update.message.reply_text(
+            "⛔ Invalid timezone. Use IANA format (e.g., Asia/Jakarta)"
+        )
+        return
+
+    try:
+        BOUNTY_SERVICE.set_timezone(room_id, timezone_str, user_id)
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+
+    await update.message.reply_text(f"✅ Timezone set to {timezone_str}.")

core/services.py

@@ -15,11 +15,106 @@ class BountyService:
     - Positive room_id: DM/personal context (user's Telegram ID)
 
     This service handles both group and personal bounties through room_id.
+
+    Permissions:
+    - /add, /edit, /delete: admin only
+    - /admin, /admin add, /admin remove: admin only
+    - /bounty, /show, /track, /untrack, /my: everyone
     """
 
     def __init__(self, storage: RoomStorage):
         self._storage = storage
 
+    def is_admin(self, room_id: int, user_id: int) -> bool:
+        """Check if user is admin in a room."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return False
+        return user_id in (room_data.admin_user_ids or [])
+
+    def add_admin(
+        self, room_id: int, admin_user_id: int, requesting_user_id: int
+    ) -> None:
+        """Add an admin to a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can add admins.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=1, admin_user_ids=[]
+            )
+
+        if admin_user_id not in (room_data.admin_user_ids or []):
+            (room_data.admin_user_ids or []).append(admin_user_id)
+            self._storage.save(room_data)
+
+    def remove_admin(
+        self, room_id: int, admin_user_id: int, requesting_user_id: int
+    ) -> None:
+        """Remove an admin from a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can remove admins.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return
+
+        if admin_user_id in (room_data.admin_user_ids or []):
+            (room_data.admin_user_ids or []).remove(admin_user_id)
+            self._storage.save(room_data)
+
+    def list_admins(self, room_id: int) -> list[int]:
+        """List all admin user IDs in a room."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return []
+        return list(room_data.admin_user_ids or [])
+
+    def set_timezone(
+        self, room_id: int, timezone: str, requesting_user_id: int
+    ) -> None:
+        """Set the timezone for a room. Requires admin permission."""
+        if not self.is_admin(room_id, requesting_user_id):
+            raise PermissionError("Only admins can set timezone.")
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=1, admin_user_ids=[]
+            )
+
+        room_data.timezone = timezone
+        self._storage.save(room_data)
+
+    def get_timezone(self, room_id: int) -> str:
+        """Get the timezone for a room. Returns UTC+0 if not set."""
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return "UTC+0"
+        return room_data.timezone or "UTC+0"
+
+    def check_link_unique(
+        self, room_id: int, link: str | None, exclude_bounty_id: int | None = None
+    ) -> int | None:
+        """Check if a link is unique within a room (not used by another bounty).
+
+        Returns the conflicting bounty ID if found, or None if unique/allowed.
+        """
+        if not link:
+            return None
+
+        room_data = self._storage.load(room_id)
+        if room_data is None:
+            return None
+
+        for bounty in room_data.bounties:
+            if bounty.deleted_at is not None:
+                continue
+            if bounty.link == link and bounty.id != exclude_bounty_id:
+                return bounty.id
+        return None
+
     def add_bounty(
         self,
         room_id: int,
@@ -28,7 +123,16 @@ class BountyService:
         link: Optional[str] = None,
         due_date_ts: Optional[int] = None,
     ) -> Bounty:
-        """Add a new bounty to the room."""
+        """Add a new bounty to the room. Requires admin permission."""
+        if not self.is_admin(room_id, user_id):
+            raise PermissionError("Only admins can add bounties.")
+
+        conflicting_id = self.check_link_unique(room_id, link)
+        if conflicting_id is not None:
+            raise ValueError(
+                f"A bounty with this link already exists: #{conflicting_id}"
+            )
+
         room_data = self._storage.load(room_id)
         if room_data is None:
             room_data = RoomData(room_id=room_id, bounties=[], next_id=1)
@@ -47,15 +151,20 @@ class BountyService:
         return bounty
 
     def list_bounties(self, room_id: int) -> list[Bounty]:
-        """List all bounties in a room."""
+        """List all non-deleted bounties in a room."""
-        room_data = self._storage.load(room_id)
+        return self._storage.list_bounties(room_id)
-        if room_data is None:
+
-            return []
+    def list_deleted_bounties(self, room_id: int) -> list[Bounty]:
-        return room_data.bounties
+        """List all soft-deleted bounties in a room. For /recover functionality."""
+        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
+        return [b for b in all_bounties if b.deleted_at is not None]
 
     def get_bounty(self, room_id: int, bounty_id: int) -> Bounty | None:
-        """Get a specific bounty by ID."""
+        """Get a specific bounty by ID. Excludes soft-deleted bounties."""
-        return self._storage.get_bounty(room_id, bounty_id)
+        bounty = self._storage.get_bounty(room_id, bounty_id)
+        if bounty and bounty.deleted_at is not None:
+            return None
+        return bounty
 
     def update_bounty(
         self,
@@ -68,12 +177,19 @@ class BountyService:
         clear_link: bool = False,
         clear_due: bool = False,
     ) -> bool:
-        """Update a bounty. Only creator can update."""
+        """Update a bounty. Only admins can update."""
         bounty = self._storage.get_bounty(room_id, bounty_id)
         if not bounty:
             return False
-        if bounty.created_by_user_id != user_id:
+        if not self.is_admin(room_id, user_id):
-            raise PermissionError("Only the creator can edit this bounty.")
+            raise PermissionError("Only admins can edit bounties.")
+
+        if (
+            link
+            and self.check_link_unique(room_id, link, exclude_bounty_id=bounty_id)
+            is not None
+        ):
+            raise ValueError("A bounty with this link already exists in this room.")
 
         updated = Bounty(
             id=bounty.id,
@@ -84,19 +200,22 @@ class BountyService:
             if clear_due
             else (due_date_ts if due_date_ts is not None else bounty.due_date_ts),
             created_at=bounty.created_at,
+            deleted_at=bounty.deleted_at,
+            created_by_username=bounty.created_by_username,
         )
         self._storage.update_bounty(room_id, updated)
         return True
 
     def delete_bounty(self, room_id: int, bounty_id: int, user_id: int) -> bool:
-        """Delete a bounty. Only creator can delete."""
+        """Soft delete a bounty. Only admins can delete."""
         bounty = self._storage.get_bounty(room_id, bounty_id)
         if not bounty:
             return False
-        if bounty.created_by_user_id != user_id:
+        if not self.is_admin(room_id, user_id):
-            raise PermissionError("Only the creator can delete this bounty.")
+            raise PermissionError("Only admins can delete bounties.")
 
-        self._storage.delete_bounty(room_id, bounty_id)
+        bounty.deleted_at = int(time.time())
+        self._storage.update_bounty(room_id, bounty)
         return True
 
 
@@ -147,7 +266,7 @@ class TrackingService:
         if room_data is None:
             return []
 
-        bounty_map = {b.id: b for b in room_data.bounties}
+        bounty_map = {b.id: b for b in room_data.bounties if b.deleted_at is None}
         return [
             bounty_map[t.bounty_id]
             for t in tracking_data.tracked

tests/test_services.py

@@ -15,18 +15,32 @@ class TestBountyService:
         """Set up fresh storage and service for each test."""
         self.storage = MockRoomStorage()
         self.service = BountyService(self.storage)
+        self.admin_user_id = 123
+        self._make_admin(-1001, self.admin_user_id)
+
+    def _make_admin(self, room_id: int, user_id: int):
+        """Helper to set up a room with an admin user."""
+        room_data = self.storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=0, admin_user_ids=[]
+            )
+        if user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids = room_data.admin_user_ids or []
+            room_data.admin_user_ids.append(user_id)
+        self.storage.save(room_data)
 
     def test_add_bounty_creates_room_if_not_exists(self):
         """Test that add_bounty creates a new room if it doesn't exist."""
         bounty = self.service.add_bounty(
             room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Fix bug",
             link="https://github.com/issue/1",
         )
         assert bounty.id == 1
         assert bounty.text == "Fix bug"
-        assert bounty.created_by_user_id == 123
+        assert bounty.created_by_user_id == self.admin_user_id
 
         room = self.storage.load(-1001)
         assert room is not None
@@ -34,14 +48,25 @@ class TestBountyService:
 
     def test_add_bounty_increments_id(self):
         """Test that add_bounty increments bounty ID for each new bounty."""
-        b1 = self.service.add_bounty(room_id=-1001, user_id=123, text="First")
+        b1 = self.service.add_bounty(
-        b2 = self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
+            room_id=-1001, user_id=self.admin_user_id, text="First"
-        b3 = self.service.add_bounty(room_id=-1001, user_id=123, text="Third")
+        )
+        b2 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Second"
+        )
+        b3 = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Third"
+        )
 
         assert b1.id == 1
         assert b2.id == 2
         assert b3.id == 3
 
+    def test_add_bounty_requires_admin(self):
+        """Test that add_bounty raises PermissionError when non-admin tries to add."""
+        with pytest.raises(PermissionError, match="Only admins can add bounties"):
+            self.service.add_bounty(room_id=-1001, user_id=999, text="Not admin")
+
     def test_list_bounties_empty_room(self):
         """Test list_bounties returns empty list for non-existent room."""
         bounties = self.service.list_bounties(-1001)
@@ -49,9 +74,15 @@ class TestBountyService:
 
     def test_list_bounties_returns_all_bounties(self):
         """Test list_bounties returns all bounties in a room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="First")
+        self.service.add_bounty(room_id=-1001, user_id=self.admin_user_id, text="First")
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Second")
+        self.service.add_bounty(
-        self.service.add_bounty(room_id=-999, user_id=123, text="Other room")
+            room_id=-1001, user_id=self.admin_user_id, text="Second"
+        )
+        # Add bounty to different room to verify isolation
+        self._make_admin(-999, self.admin_user_id)
+        self.service.add_bounty(
+            room_id=-999, user_id=self.admin_user_id, text="Other room"
+        )
 
         bounties = self.service.list_bounties(-1001)
         assert len(bounties) == 2
@@ -59,7 +90,9 @@ class TestBountyService:
 
     def test_get_bounty_found(self):
         """Test get_bounty returns bounty when it exists."""
-        created = self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        created = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Test"
+        )
         found = self.service.get_bounty(-1001, created.id)
         assert found is not None
         assert found.text == "Test"
@@ -71,31 +104,35 @@ class TestBountyService:
 
     def test_get_bounty_wrong_room(self):
         """Test get_bounty returns None when bounty is in different room."""
-        self.service.add_bounty(room_id=-1001, user_id=123, text="Test")
+        self.service.add_bounty(room_id=-1001, user_id=self.admin_user_id, text="Test")
         found = self.service.get_bounty(-999, 1)  # room -999 doesn't have bounty 1
         assert found is None
 
     def test_update_bounty_success(self):
-        """Test update_bounty succeeds when creator updates their bounty."""
+        """Test update_bounty succeeds when admin updates their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
+        bounty = self.service.add_bounty(
+            room_id=-1001, user_id=self.admin_user_id, text="Original"
+        )
         result = self.service.update_bounty(
             room_id=-1001,
             bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Updated",
         )
         assert result is True
         updated = self.service.get_bounty(-1001, bounty.id)
         assert updated.text == "Updated"
 
-    def test_update_bounty_not_creator_raises_permission_error(self):
+    def test_update_bounty_not_admin_raises_permission_error(self):
-        """Test update_bounty raises PermissionError when non-creator tries to update."""
+        """Test update_bounty raises PermissionError when non-admin tries to update."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="Original")
+        bounty = self.service.add_bounty(
-        with pytest.raises(PermissionError, match="Only the creator can edit"):
+            room_id=-1001, user_id=self.admin_user_id, text="Original"
+        )
+        with pytest.raises(PermissionError, match="Only admins can edit bounties"):
             self.service.update_bounty(
                 room_id=-1001,
                 bounty_id=bounty.id,
-                user_id=999,  # different user
+                user_id=999,  # different user, not admin
                 text="Hacked",
             )
 
@@ -104,7 +141,7 @@ class TestBountyService:
         result = self.service.update_bounty(
             room_id=-1001,
             bounty_id=999,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Updated",
         )
         assert result is False
@@ -113,14 +150,14 @@ class TestBountyService:
         """Test update_bounty only updates provided fields."""
         bounty = self.service.add_bounty(
             room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Original",
             link="https://original.link",
         )
         self.service.update_bounty(
             room_id=-1001,
             bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Updated only text",
         )
         updated = self.service.get_bounty(-1001, bounty.id)
@@ -131,35 +168,46 @@ class TestBountyService:
         """Test update_bounty can clear link."""
         bounty = self.service.add_bounty(
             room_id=-1001,
-            user_id=123,
+            user_id=self.admin_user_id,
             text="Test",
             link="https://original.link",
         )
         self.service.update_bounty(
             room_id=-1001,
             bounty_id=bounty.id,
-            user_id=123,
+            user_id=self.admin_user_id,
             clear_link=True,
         )
         updated = self.service.get_bounty(-1001, bounty.id)
         assert updated.link is None
 
     def test_delete_bounty_success(self):
-        """Test delete_bounty succeeds when creator deletes their bounty."""
+        """Test delete_bounty soft deletes when admin deletes their bounty."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
+        bounty = self.service.add_bounty(
-        result = self.service.delete_bounty(-1001, bounty.id, 123)
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
+        )
+        result = self.service.delete_bounty(-1001, bounty.id, self.admin_user_id)
         assert result is True
+        # Soft delete - bounty should not be found via get_bounty
         assert self.service.get_bounty(-1001, bounty.id) is None
+        # But still exists in list_deleted_bounties
+        deleted = self.service.list_deleted_bounties(-1001)
+        assert len(deleted) == 1
+        assert deleted[0].id == bounty.id
 
-    def test_delete_bounty_not_creator_raises_permission_error(self):
+    def test_delete_bounty_not_admin_raises_permission_error(self):
-        """Test delete_bounty raises PermissionError when non-creator tries to delete."""
+        """Test delete_bounty raises PermissionError when non-admin tries to delete."""
-        bounty = self.service.add_bounty(room_id=-1001, user_id=123, text="To delete")
+        bounty = self.service.add_bounty(
-        with pytest.raises(PermissionError, match="Only the creator can delete"):
+            room_id=-1001, user_id=self.admin_user_id, text="To delete"
-            self.service.delete_bounty(-1001, bounty.id, 999)  # different user
+        )
+        with pytest.raises(PermissionError, match="Only admins can delete bounties"):
+            self.service.delete_bounty(
+                -1001, bounty.id, 999
+            )  # different user, not admin
 
     def test_delete_bounty_not_found(self):
         """Test delete_bounty returns False when bounty doesn't exist."""
-        result = self.service.delete_bounty(-1001, 999, 123)
+        result = self.service.delete_bounty(-1001, 999, self.admin_user_id)
         assert result is False
 
 
@@ -171,9 +219,27 @@ class TestTrackingService:
         self.room_storage = MockRoomStorage()
         self.tracking_storage = MockTrackingStorage()
         self.service = TrackingService(self.tracking_storage, self.room_storage)
+        self.admin_user_id = 123
+        self._make_admin(-1001, self.admin_user_id)
+
+    def _make_admin(self, room_id: int, user_id: int):
+        """Helper to set up a room with an admin user."""
+        room_data = self.room_storage.load(room_id)
+        if room_data is None:
+            room_data = RoomData(
+                room_id=room_id, bounties=[], next_id=0, admin_user_ids=[]
+            )
+        if user_id not in (room_data.admin_user_ids or []):
+            room_data.admin_user_ids = room_data.admin_user_ids or []
+            room_data.admin_user_ids.append(user_id)
+        self.room_storage.save(room_data)
 
     def _add_bounty(self, room_id=-1001, user_id=123, text="Test bounty"):
         """Helper to add a bounty for tracking tests."""
+        if self.room_storage.load(room_id) is None or user_id not in (
+            self.room_storage.load(room_id).admin_user_ids or []
+        ):
+            self._make_admin(room_id, user_id)
         bounty_service = BountyService(self.room_storage)
         return bounty_service.add_bounty(room_id=room_id, user_id=user_id, text=text)