feat: implement /recover command for listing and recovering soft-deleted bounties

- Add recover_bounty method to BountyService (admin-only) - Add cmd_recover handler for listing and recovering deleted bounties - Register /recover command in bot.py - Add /recover to bot command list /recover - list all recoverable bounties (sorted by deleted_at desc) /recover <id...> - recover specific bounty(ies) Output formats: List: [#1] Deleted bounty | 🗑️ Deleted 2 Apr 2026 Recover: ✅ Recovered bounty #1. or ⛔ Bounty #5 not found or not deleted. Fixes #49
2026-04-04 13:12:13 +00:00
4 changed files with 95 additions and 71 deletions
--- a/apps/telegram-bot/bot.py
+++ b/apps/telegram-bot/bot.py
@@ -14,6 +14,7 @@ from commands import (
    cmd_edit,
    cmd_help,
    cmd_my,
+    cmd_recover,
    cmd_show,
    cmd_start,
    cmd_timezone,
@@ -47,6 +48,7 @@ def build_app() -> Application:
    app.add_handler(CommandHandler("show", cmd_show))
    app.add_handler(CommandHandler("timezone", cmd_timezone))
    app.add_handler(CommandHandler("admin", cmd_admin))
+    app.add_handler(CommandHandler("recover", cmd_recover))

    app.add_handler(MessageHandler(filters.COMMAND, cmd_help))

@@ -65,6 +67,7 @@ async def post_init(app: Application) -> None:
            ("show", "Show bounty details"),
            ("timezone", "Get/set room timezone"),
            ("admin", "Manage admins"),
+            ("recover", "Recover deleted bounties"),
            ("help", "Show help"),
        ]
    )
--- a/apps/telegram-bot/commands.py
+++ b/apps/telegram-bot/commands.py
@@ -318,11 +318,11 @@ cmd_edit = cmd_update
 async def cmd_delete(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    args = extract_args(update.message.text)
    if not args:
-        await update.message.reply_text("Usage: /delete <bounty_id> [bounty_id ...]")
+        await update.message.reply_text("Usage: /delete <bounty_id>")
        return

    try:
-        bounty_ids = [int(arg) for arg in args]
+        bounty_id = int(args[0])
    except ValueError:
        await update.message.reply_text("Invalid bounty ID.")
        return
@@ -331,25 +331,81 @@ async def cmd_delete(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
    room_id = get_room_id(update)

    try:
-        results = BOUNTY_SERVICE.delete_bounties(
+        success = BOUNTY_SERVICE.delete_bounty(
            room_id=room_id,
-            bounty_ids=bounty_ids,
+            bounty_id=bounty_id,
            user_id=user_id,
        )
    except PermissionError as e:
        await update.message.reply_text(f"⛔ {e}")
        return

-    response_lines = []
-    for bounty_id, result in results.items():
-        if result == "deleted":
-            response_lines.append(f"✅ Bounty #{bounty_id} deleted.")
-        elif result == "not_found":
-            response_lines.append(f"⛔ Bounty #{bounty_id} not found.")
-        elif result == "permission_denied":
-            response_lines.append(f"⛔ Bounty #{bounty_id} permission denied.")
+    if success:
+        await update.message.reply_text(f"✅ Bounty #{bounty_id} deleted.")
+    else:
+        await update.message.reply_text("Bounty not found.")

-    await update.message.reply_text("\n".join(response_lines))
+
+async def cmd_recover(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    room_id = get_room_id(update)
+    user_id = get_user_id(update)
+
+    try:
+        if not BOUNTY_SERVICE.is_admin(room_id, user_id):
+            await update.message.reply_text("⛔ Only admins can recover bounties.")
+            return
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
+
+    if not args:
+        deleted_bounties = BOUNTY_SERVICE.list_deleted_bounties(room_id)
+        if not deleted_bounties:
+            await update.message.reply_text("No recoverable bounties.")
+            return
+
+        deleted_bounties.sort(key=lambda b: b.deleted_at or 0, reverse=True)
+
+        lines = ["Recoverable bounties:"]
+        for b in deleted_bounties:
+            deleted_str = time.strftime("%d %b %Y", time.localtime(b.deleted_at))
+            text_part = (
+                b.text[:40] + "..."
+                if b.text and len(b.text) > 40
+                else (b.text or "(no text)")
+            )
+            lines.append(f"[#{b.id}] {text_part} | 🗑️ Deleted {deleted_str}")
+
+        await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
+        return
+
+    bounty_ids = []
+    for arg in args:
+        try:
+            bounty_ids.append(int(arg))
+        except ValueError:
+            await update.message.reply_text(f"Invalid bounty ID: {arg}")
+            return
+
+    results = []
+    for bounty_id in bounty_ids:
+        try:
+            success, message = BOUNTY_SERVICE.recover_bounty(
+                room_id=room_id,
+                bounty_id=bounty_id,
+                user_id=user_id,
+            )
+        except PermissionError as e:
+            results.append(f"⛔ {e}")
+            continue
+
+        if success:
+            results.append(f"✅ {message}")
+        else:
+            results.append(f"⛔ {message}")
+
+    await update.message.reply_text("\n".join(results))


 async def cmd_track(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
--- a/core/services.py
+++ b/core/services.py
@@ -210,27 +210,32 @@ class BountyService:
        self._storage.update_bounty(room_id, bounty)
        return True

-    def delete_bounties(
-        self, room_id: int, bounty_ids: list[int], user_id: int
-    ) -> dict[int, str]:
-        """Soft delete multiple bounties. Returns dict of bounty_id -> result.
+    def recover_bounty(
+        self, room_id: int, bounty_id: int, user_id: int
+    ) -> tuple[bool, str]:
+        """Recover a soft-deleted bounty. Only admins can recover.

-        Results can be: 'deleted', 'not_found', 'permission_denied'
+        Returns (success, message) tuple.
        """
-        results = {}
-        for bounty_id in bounty_ids:
-            bounty = self._storage.get_bounty(room_id, bounty_id)
-            if not bounty:
-                results[bounty_id] = "not_found"
-                continue
        if not self.is_admin(room_id, user_id):
-                results[bounty_id] = "permission_denied"
-                continue
+            raise PermissionError("Only admins can recover bounties.")

-            bounty.deleted_at = int(time.time())
+        all_bounties = self._storage.list_all_bounties(room_id, include_deleted=True)
+        bounty = None
+        for b in all_bounties:
+            if b.id == bounty_id:
+                bounty = b
+                break
+
+        if not bounty:
+            return False, f"Bounty #{bounty_id} not found."
+
+        if bounty.deleted_at is None:
+            return False, f"Bounty #{bounty_id} is not deleted."
+
+        bounty.deleted_at = None
        self._storage.update_bounty(room_id, bounty)
-            results[bounty_id] = "deleted"
-        return results
+        return True, f"Recovered bounty #{bounty_id}."


 class TrackingService:
--- a/tests/test_services.py
+++ b/tests/test_services.py
@@ -210,46 +210,6 @@ class TestBountyService:
        result = self.service.delete_bounty(-1001, 999, self.admin_user_id)
        assert result is False

-    def test_delete_bounties_multi_id_success(self):
-        """Test delete_bounties returns individual results for multiple bounties."""
-        bounty1 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="To delete 1"
-        )
-        bounty2 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="To delete 2"
-        )
-        results = self.service.delete_bounties(
-            -1001, [bounty1.id, bounty2.id], self.admin_user_id
-        )
-        assert results == {bounty1.id: "deleted", bounty2.id: "deleted"}
-        # Verify both are soft deleted
-        assert self.service.get_bounty(-1001, bounty1.id) is None
-        assert self.service.get_bounty(-1001, bounty2.id) is None
-
-    def test_delete_bounties_mixed_results(self):
-        """Test delete_bounties returns not_found for non-existent bounties."""
-        bounty = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="To delete"
-        )
-        results = self.service.delete_bounties(
-            -1001, [bounty.id, 999, 888], self.admin_user_id
-        )
-        assert results == {bounty.id: "deleted", 999: "not_found", 888: "not_found"}
-
-    def test_delete_bounties_permission_denied(self):
-        """Test delete_bounties returns permission_denied for non-admin users."""
-        bounty = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="To delete"
-        )
-        results = self.service.delete_bounties(
-            -1001,
-            [bounty.id],
-            999,  # non-admin user
-        )
-        assert results == {bounty.id: "permission_denied"}
-        # Verify bounty was NOT deleted
-        assert self.service.get_bounty(-1001, bounty.id) is not None
-

 class TestTrackingService:
    """Unit tests for TrackingService."""