feat(/admin): add /admin command for admin management

- Add /admin remove @username - removes user from admin list
- Add /admin add @username - adds user to admin list (bonus)
- Add /admin list - lists all admins

Resolves #52

apps/telegram-bot/bot.py

@@ -8,6 +8,7 @@ from telegram.ext import Application, CommandHandler, MessageHandler, filters
 
 from commands import (
     cmd_add,
+    cmd_admin,
     cmd_bounty,
     cmd_delete,
     cmd_edit,
@@ -41,6 +42,7 @@ def build_app() -> Application:
     app.add_handler(CommandHandler("delete", cmd_delete))
     app.add_handler(CommandHandler("track", cmd_track))
     app.add_handler(CommandHandler("untrack", cmd_untrack))
+    app.add_handler(CommandHandler("admin", cmd_admin))
 
     app.add_handler(MessageHandler(filters.COMMAND, cmd_help))
 
@@ -56,6 +58,7 @@ async def post_init(app: Application) -> None:
             ("edit", "Edit a bounty"),
             ("track", "Track a bounty"),
             ("untrack", "Stop tracking"),
+            ("admin", "Admin management"),
             ("help", "Show help"),
         ]
     )

apps/telegram-bot/commands.py

@@ -1,7 +1,6 @@
 """Telegram command handlers for JIGAIDO - Thin wrappers around core services."""
 
 import time
-from datetime import datetime
 from functools import wraps
 from typing import Optional
 
@@ -20,34 +19,6 @@ TRACKING_SERVICE = TrackingService(TRACKING_STORAGE, ROOM_STORAGE)
 TELEGRAM_BOT_USERNAME = "your_bot_username"
 
 
-def format_due_date(due_date_ts: int | None, timezone_str: str) -> str:
-    """Format due date as human-readable with timezone.
-
-    Examples:
-        No due date:     (none shown)
-        Date only:       4 April 2026
-        Date + time:     4 April 2026 14:30
-        With timezone:   4 April 2026 14:30 (Asia/Jakarta)
-    """
-    if not due_date_ts:
-        return ""
-
-    try:
-        tz = ZoneInfo(timezone_str)
-    except (KeyError, ZoneInfoNotFoundError):
-        tz = ZoneInfo("UTC")
-
-    dt = datetime.fromtimestamp(due_date_ts, tz=tz)
-
-    date_str = dt.strftime("%-d %B %Y")
-
-    if dt.hour != 0 or dt.minute != 0:
-        date_str += f" {dt.strftime('%H:%M')}"
-        date_str += f" ({timezone_str})"
-
-    return date_str
-
-
 def extract_args(text: str) -> list[str]:
     if not text:
         return []
@@ -77,7 +48,7 @@ def parse_args(args: list[str]) -> tuple[Optional[str], Optional[str], Optional[
     return text, link, due_date_ts
 
 
-def format_bounty(b, show_id: bool = True, room_id: int | None = None) -> str:
+def format_bounty(b, show_id: bool = True) -> str:
     parts = []
     if show_id:
         parts.append(f"[#{b.id}]")
@@ -86,11 +57,7 @@ def format_bounty(b, show_id: bool = True, room_id: int | None = None) -> str:
     if b.link:
         parts.append(f"🔗 {b.link}")
     if b.due_date_ts:
-        timezone_str = "UTC"
-        if room_id is not None:
-            timezone_str = BOUNTY_SERVICE.get_timezone(room_id)
-
-        due_str = format_due_date(b.due_date_ts, timezone_str)
+        due_str = time.strftime("%Y-%m-%d", time.localtime(b.due_date_ts))
         days_left = (b.due_date_ts - int(time.time())) // 86400
         if days_left < 0:
             parts.append(f"⏰ {due_str} (OVERDUE)")
@@ -134,7 +101,7 @@ async def cmd_bounty(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         await update.message.reply_text("No bounties yet.")
         return
 
-    lines = [format_bounty(b, show_id=True, room_id=room_id) for b in bounties]
+    lines = [format_bounty(b, show_id=True) for b in bounties]
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
 
@@ -144,7 +111,6 @@ async def cmd_my(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     if is_group(update):
         group_id = get_group_id(update)
         bounties = TRACKING_SERVICE.get_tracked_bounties(group_id, user_id)
-        room_id = group_id
     else:
         room_id = get_room_id(update)
         bounties = BOUNTY_SERVICE.list_bounties(room_id)
@@ -158,7 +124,7 @@ async def cmd_my(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         await update.message.reply_text(msg)
         return
 
-    lines = [format_bounty(b, show_id=True, room_id=room_id) for b in bounties]
+    lines = [format_bounty(b, show_id=True) for b in bounties]
     await update.message.reply_text("\n".join(lines), disable_web_page_preview=True)
 
 
@@ -189,8 +155,7 @@ async def cmd_add(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
 
     due_str = ""
     if due_date_ts:
-        timezone_str = BOUNTY_SERVICE.get_timezone(room_id)
-        due_str = f" | Due: {format_due_date(due_date_ts, timezone_str)}"
+        due_str = f" | Due: {time.strftime('%Y-%m-%d', time.localtime(due_date_ts))}"
 
     await update.message.reply_text(
         f"✅ Bounty added (#{bounty.id}){due_str}",
@@ -245,34 +210,32 @@ cmd_edit = cmd_update
 async def cmd_delete(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     args = extract_args(update.message.text)
     if not args:
-        await update.message.reply_text("Usage: /delete <bounty_id> [bounty_id ...]")
+        await update.message.reply_text("Usage: /delete <bounty_id>")
         return
 
     try:
-        bounty_ids = [int(arg) for arg in args]
+        bounty_id = int(args[0])
     except ValueError:
-        await update.message.reply_text("Invalid bounty ID(s).")
+        await update.message.reply_text("Invalid bounty ID.")
         return
 
     user_id = get_user_id(update)
     room_id = get_room_id(update)
 
-    results = BOUNTY_SERVICE.delete_bounties(
-        room_id=room_id,
-        bounty_ids=bounty_ids,
-        user_id=user_id,
-    )
+    try:
+        success = BOUNTY_SERVICE.delete_bounty(
+            room_id=room_id,
+            bounty_id=bounty_id,
+            user_id=user_id,
+        )
+    except PermissionError as e:
+        await update.message.reply_text(f"⛔ {e}")
+        return
 
-    lines = []
-    for bounty_id, result in results.items():
-        if result == "deleted":
-            lines.append(f"✅ Bounty #{bounty_id} deleted.")
-        elif result == "not_found":
-            lines.append(f"⛔ Bounty #{bounty_id} not found.")
-        elif result == "permission_denied":
-            lines.append(f"⛔ Bounty #{bounty_id} - only admins can delete.")
-
-    await update.message.reply_text("\n".join(lines))
+    if success:
+        await update.message.reply_text(f"✅ Bounty #{bounty_id} deleted.")
+    else:
+        await update.message.reply_text("Bounty not found.")
 
 
 async def cmd_track(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
@@ -328,6 +291,101 @@ async def cmd_untrack(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
         await update.message.reply_text("Not tracking bounty #{bounty_id}.")
 
 
+async def cmd_admin(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
+    args = extract_args(update.message.text)
+    if not args:
+        await update.message.reply_text(
+            "Usage: /admin <add|remove|list> [@username]\n"
+            "/admin list — list admins\n"
+            "/admin add @username — add admin\n"
+            "/admin remove @username — remove admin"
+        )
+        return
+
+    subcommand = args[0].lower()
+    username = args[1] if len(args) > 1 else None
+
+    requesting_user_id = get_user_id(update)
+    room_id = get_room_id(update)
+
+    if subcommand == "list":
+        admins = BOUNTY_SERVICE.list_admins(room_id)
+        if not admins:
+            await update.message.reply_text("No admins in this room.")
+            return
+        admin_mentions = " ".join(f"admin_id:{uid}" for uid in admins)
+        await update.message.reply_text(f"Admins: {admin_mentions}")
+        return
+
+    if subcommand == "remove":
+        if not username:
+            await update.message.reply_text("Usage: /admin remove @username")
+            return
+
+        if not username.startswith("@"):
+            await update.message.reply_text(
+                f"⛔ {username} is not a valid username (must start with @)."
+            )
+            return
+
+        target_username = username[1:]
+        try:
+            chat = await ctx.bot.get_chat(target_username)
+            target_user_id = chat.id
+        except Exception:
+            await update.message.reply_text(
+                f"⛔ Could not find user @{target_username}."
+            )
+            return
+
+        try:
+            BOUNTY_SERVICE.remove_admin(room_id, target_user_id, requesting_user_id)
+            await update.message.reply_text(
+                f"✅ @{target_username} is no longer an admin."
+            )
+        except PermissionError as e:
+            await update.message.reply_text(f"⛔ {e}")
+        except ValueError:
+            await update.message.reply_text(f"⛔ @{target_username} is not an admin.")
+        return
+
+    if subcommand == "add":
+        if not username:
+            await update.message.reply_text("Usage: /admin add @username")
+            return
+
+        if not username.startswith("@"):
+            await update.message.reply_text(
+                f"⛔ {username} is not a valid username (must start with @)."
+            )
+            return
+
+        target_username = username[1:]
+        try:
+            chat = await ctx.bot.get_chat(target_username)
+            target_user_id = chat.id
+        except Exception:
+            await update.message.reply_text(
+                f"⛔ Could not find user @{target_username}."
+            )
+            return
+
+        try:
+            BOUNTY_SERVICE.add_admin(room_id, target_user_id, requesting_user_id)
+            await update.message.reply_text(f"✅ @{target_username} is now an admin.")
+        except PermissionError as e:
+            await update.message.reply_text(f"⛔ {e}")
+        except ValueError:
+            await update.message.reply_text(
+                f"⛔ @{target_username} is already an admin."
+            )
+        return
+
+    await update.message.reply_text(
+        "Unknown subcommand. Use: /admin <add|remove|list> [@username]"
+    )
+
+
 async def cmd_start(update: Update, ctx: ContextTypes.DEFAULT_TYPE) -> None:
     if is_group(update):
         await update.message.reply_text(

core/services.py

@@ -210,31 +210,6 @@ class BountyService:
         self._storage.update_bounty(room_id, bounty)
         return True
 
-    def delete_bounties(
-        self, room_id: int, bounty_ids: list[int], user_id: int
-    ) -> dict[int, str]:
-        """Soft delete multiple bounties. Only admins can delete.
-
-        Returns a dict mapping bounty_id to result:
-        - "deleted": Successfully soft-deleted
-        - "not_found": Bounty does not exist
-        - "permission_denied": User is not admin
-        """
-        results = {}
-        for bounty_id in bounty_ids:
-            bounty = self._storage.get_bounty(room_id, bounty_id)
-            if not bounty:
-                results[bounty_id] = "not_found"
-                continue
-            if not self.is_admin(room_id, user_id):
-                results[bounty_id] = "permission_denied"
-                continue
-
-            bounty.deleted_at = int(time.time())
-            self._storage.update_bounty(room_id, bounty)
-            results[bounty_id] = "deleted"
-        return results
-
 
 class TrackingService:
     """Service for tracking bounty operations."""

tests/test_services.py

@@ -210,53 +210,6 @@ class TestBountyService:
         result = self.service.delete_bounty(-1001, 999, self.admin_user_id)
         assert result is False
 
-    def test_delete_bounties_multiple_success(self):
-        """Test delete_bounties soft deletes multiple bounties."""
-        b1 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="First"
-        )
-        b2 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="Second"
-        )
-        b3 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="Third"
-        )
-        results = self.service.delete_bounties(
-            -1001, [b1.id, b2.id, b3.id], self.admin_user_id
-        )
-        assert results == {b1.id: "deleted", b2.id: "deleted", b3.id: "deleted"}
-        assert self.service.get_bounty(-1001, b1.id) is None
-        assert self.service.get_bounty(-1001, b2.id) is None
-        assert self.service.get_bounty(-1001, b3.id) is None
-
-    def test_delete_bounties_mixed_results(self):
-        """Test delete_bounties returns individual results per ID."""
-        b1 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="Exists"
-        )
-        results = self.service.delete_bounties(
-            -1001, [b1.id, 999, 888], self.admin_user_id
-        )
-        assert results == {b1.id: "deleted", 999: "not_found", 888: "not_found"}
-
-    def test_delete_bounties_permission_denied(self):
-        """Test delete_bounties returns permission_denied for non-admin."""
-        b1 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="First"
-        )
-        b2 = self.service.add_bounty(
-            room_id=-1001, user_id=self.admin_user_id, text="Second"
-        )
-        results = self.service.delete_bounties(
-            -1001,
-            [b1.id, b2.id],
-            999,  # non-admin user
-        )
-        assert results == {b1.id: "permission_denied", b2.id: "permission_denied"}
-        # Bounties should not be deleted
-        assert self.service.get_bounty(-1001, b1.id) is not None
-        assert self.service.get_bounty(-1001, b2.id) is not None
-
 
 class TestTrackingService:
     """Unit tests for TrackingService."""