chore(release): v2.0.4

Made-with: Cursor

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [2.0.4] - 2025-03-04
+
+(No changes documented; release for version sync.)
+
 ## [2.0.3] - 2025-03-04
 
 (No changes documented; release for version sync.)
@@ -52,7 +56,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Input validation and initData hash verification for Miniapp access.
 - Optional CORS and init_data_max_age; use env for secrets.
 
-[Unreleased]: https://github.com/your-org/duty-teller/compare/v2.0.3...HEAD
+[Unreleased]: https://github.com/your-org/duty-teller/compare/v2.0.4...HEAD
+[2.0.4]: https://github.com/your-org/duty-teller/releases/tag/v2.0.4  <!-- placeholder: set to your repo URL when publishing -->
 [2.0.3]: https://github.com/your-org/duty-teller/releases/tag/v2.0.3  <!-- placeholder: set to your repo URL when publishing -->
 [2.0.2]: https://github.com/your-org/duty-teller/releases/tag/v2.0.2  <!-- placeholder: set to your repo URL when publishing -->
 [2.0.0]: https://github.com/your-org/duty-teller/releases/tag/v2.0.0  <!-- placeholder: set to your repo URL when publishing -->

duty_teller/run.py

@@ -19,6 +19,12 @@ from duty_teller.utils.http_client import safe_urlopen
 _HTTP_STARTUP_WAIT_SEC = 3
 
 
+async def _post_init(application) -> None:
+    """Run startup tasks: restore group pin jobs, then resolve bot username."""
+    await group_duty_pin.restore_group_pin_jobs(application)
+    await _resolve_bot_username(application)
+
+
 async def _resolve_bot_username(application) -> None:
     """If BOT_USERNAME is not set from env, resolve it via get_me()."""
     if not config.BOT_USERNAME:
@@ -98,13 +104,7 @@ def main() -> None:
     require_bot_token()
     # Optional: set bot menu button to open the Miniapp. Uncomment to enable:
     # _set_default_menu_button_webapp()
-    app = (
+    app = ApplicationBuilder().token(config.BOT_TOKEN).post_init(_post_init).build()
-        ApplicationBuilder()
-        .token(config.BOT_TOKEN)
-        .post_init(group_duty_pin.restore_group_pin_jobs)
-        .post_init(_resolve_bot_username)
-        .build()
-    )
     register_handlers(app)
 
     from duty_teller.api.app import app as web_app

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "duty-teller"
-version = "2.0.3"
+version = "2.0.4"
 description = "Telegram bot for team duty shift calendar and group reminder"
 readme = "README.md"
 requires-python = ">=3.11"

webapp-next/src/app/page.test.tsx

@@ -4,17 +4,14 @@
  */
 
 import { describe, it, expect, beforeEach, vi } from "vitest";
-import { render, screen, waitFor } from "@testing-library/react";
+import { render, screen, waitFor, act } from "@testing-library/react";
 import Page from "./page";
 import { resetAppStore } from "@/test/test-utils";
 import { useAppStore } from "@/store/app-store";
+import { useTelegramAuth } from "@/hooks/use-telegram-auth";
 
 vi.mock("@/hooks/use-telegram-auth", () => ({
-  useTelegramAuth: () => ({
+  useTelegramAuth: vi.fn(),
-    initDataRaw: "test-init",
-    startParam: undefined,
-    isLocalhost: true,
-  }),
 }));
 
 vi.mock("@/hooks/use-month-data", () => ({
@@ -26,6 +23,11 @@ vi.mock("@/hooks/use-month-data", () => ({
 describe("Page", () => {
   beforeEach(() => {
     resetAppStore();
+    vi.mocked(useTelegramAuth).mockReturnValue({
+      initDataRaw: "test-init",
+      startParam: undefined,
+      isLocalhost: true,
+    });
   });
 
   it("renders calendar and header when store has default state", async () => {
@@ -51,4 +53,27 @@ describe("Page", () => {
       expect(document.title).toBe("Календарь дежурств");
     });
   });
+
+  it("renders AccessDeniedScreen when not allowed and delay has passed", async () => {
+    const { RETRY_DELAY_MS } = await import("@/lib/constants");
+    vi.mocked(useTelegramAuth).mockReturnValue({
+      initDataRaw: undefined,
+      startParam: undefined,
+      isLocalhost: false,
+    });
+    vi.useFakeTimers();
+    render(<Page />);
+    await act(async () => {
+      vi.advanceTimersByTime(RETRY_DELAY_MS);
+    });
+    vi.useRealTimers();
+    expect(
+      await screen.findByText(/Access denied|Доступ запрещён/i, {}, { timeout: 2000 })
+    ).toBeInTheDocument();
+    expect(
+      screen.getByText(/Open the app again from Telegram|Откройте приложение снова из Telegram/i)
+    ).toBeInTheDocument();
+    expect(screen.getByRole("button", { name: /Reload|Обновить/i })).toBeInTheDocument();
+    expect(screen.queryByRole("grid", { name: "Calendar" })).not.toBeInTheDocument();
+  });
 });

webapp-next/src/app/page.tsx

@@ -6,12 +6,13 @@
 "use client";
 
 import { useCallback, useEffect } from "react";
-import { useAppStore } from "@/store/app-store";
+import { useAppStore, type AppState } from "@/store/app-store";
 import { useShallow } from "zustand/react/shallow";
 import { useTelegramTheme } from "@/hooks/use-telegram-theme";
 import { useTelegramAuth } from "@/hooks/use-telegram-auth";
 import { useAppInit } from "@/hooks/use-app-init";
 import { callMiniAppReadyOnce } from "@/lib/telegram-ready";
+import { AccessDeniedScreen } from "@/components/states/AccessDeniedScreen";
 import { CurrentDutyView } from "@/components/current-duty/CurrentDutyView";
 import { CalendarPage } from "@/components/CalendarPage";
 
@@ -23,9 +24,10 @@ export default function Home() {
 
   useAppInit({ isAllowed, startParam });
 
-  const { currentView, setCurrentView, setSelectedDay, appContentReady } =
+  const { accessDenied, currentView, setCurrentView, setSelectedDay, appContentReady } =
     useAppStore(
-      useShallow((s) => ({
+      useShallow((s: AppState) => ({
+        accessDenied: s.accessDenied,
         currentView: s.currentView,
         setCurrentView: s.setCurrentView,
         setSelectedDay: s.setSelectedDay,
@@ -45,17 +47,18 @@ export default function Home() {
     setSelectedDay(null);
   }, [setCurrentView, setSelectedDay]);
 
-  const content =
+  const content = accessDenied ? (
-    currentView === "currentDuty" ? (
+    <AccessDeniedScreen primaryAction="reload" />
-      <div className="mx-auto flex min-h-screen w-full max-w-[var(--max-width-app)] flex-col bg-background px-3 pb-6 pt-safe">
+  ) : currentView === "currentDuty" ? (
-        <CurrentDutyView
+    <div className="mx-auto flex min-h-screen w-full max-w-[var(--max-width-app)] flex-col bg-background px-3 pb-6 pt-safe">
-          onBack={handleBackFromCurrentDuty}
+      <CurrentDutyView
-          openedFromPin={startParam === "duty"}
+        onBack={handleBackFromCurrentDuty}
-        />
+        openedFromPin={startParam === "duty"}
-      </div>
+      />
-    ) : (
+    </div>
-      <CalendarPage isAllowed={isAllowed} initDataRaw={initDataRaw} />
+  ) : (
-    );
+    <CalendarPage isAllowed={isAllowed} initDataRaw={initDataRaw} />
+  );
 
   return (
     <div

webapp-next/src/components/CalendarPage.tsx

@@ -17,7 +17,6 @@ import { CalendarGrid } from "@/components/calendar/CalendarGrid";
 import { DutyList } from "@/components/duty/DutyList";
 import { DayDetail, type DayDetailHandle } from "@/components/day-detail";
 import { ErrorState } from "@/components/states/ErrorState";
-import { AccessDenied } from "@/components/states/AccessDenied";
 
 /** Fallback height (px) until ResizeObserver reports the sticky block size. Matches --calendar-block-min-height + pb-2 (260 + 8). */
 const STICKY_HEIGHT_FALLBACK_PX = 268;
@@ -51,7 +50,6 @@ export function CalendarPage({ isAllowed, initDataRaw }: CalendarPageProps) {
     loading,
     error,
     accessDenied,
-    accessDeniedDetail,
     duties,
     calendarEvents,
     selectedDay,
@@ -67,7 +65,6 @@ export function CalendarPage({ isAllowed, initDataRaw }: CalendarPageProps) {
       loading: s.loading,
       error: s.error,
       accessDenied: s.accessDenied,
-      accessDeniedDetail: s.accessDeniedDetail,
       duties: s.duties,
       calendarEvents: s.calendarEvents,
       selectedDay: s.selectedDay,
@@ -155,13 +152,10 @@ export function CalendarPage({ isAllowed, initDataRaw }: CalendarPageProps) {
         />
       </div>
 
-      {accessDenied && (
+      {error && (
-        <AccessDenied serverDetail={accessDeniedDetail} className="my-3" />
-      )}
-      {!accessDenied && error && (
         <ErrorState message={error} onRetry={retry} className="my-3" />
       )}
-      {!accessDenied && !error && (
+      {!error && (
         <DutyList
           scrollMarginTop={stickyBlockHeight}
           className="mt-2"

webapp-next/src/components/current-duty/CurrentDutyView.test.tsx

@@ -127,4 +127,25 @@ describe("CurrentDutyView", () => {
     expect(buttons[0]).toHaveAccessibleName(/Retry|Повторить/i);
     vi.mocked(fetchDuties).mockResolvedValue([]);
   });
+
+  it("403 shows AccessDeniedScreen with Back button and no Retry", async () => {
+    const { fetchDuties, AccessDeniedError } = await import("@/lib/api");
+    vi.mocked(fetchDuties).mockRejectedValue(
+      new AccessDeniedError("ACCESS_DENIED", "Custom 403 message")
+    );
+    const onBack = vi.fn();
+    render(<CurrentDutyView onBack={onBack} />);
+    await screen.findByText(/Access denied|Доступ запрещён/i, {}, { timeout: 3000 });
+    expect(
+      screen.getByText(/Open the app again from Telegram|Откройте приложение снова из Telegram/i)
+    ).toBeInTheDocument();
+    expect(screen.getByText("Custom 403 message")).toBeInTheDocument();
+    expect(
+      screen.getByRole("button", { name: /Back to calendar|Назад к календарю/i })
+    ).toBeInTheDocument();
+    expect(screen.queryByRole("button", { name: /Retry|Повторить/i })).not.toBeInTheDocument();
+    fireEvent.click(screen.getByRole("button", { name: /Back to calendar|Назад к календарю/i }));
+    expect(onBack).toHaveBeenCalled();
+    vi.mocked(fetchDuties).mockResolvedValue([]);
+  });
 });

webapp-next/src/components/current-duty/CurrentDutyView.tsx

@@ -30,6 +30,7 @@ import {
   CardTitle,
 } from "@/components/ui/card";
 import { Skeleton } from "@/components/ui/skeleton";
+import { AccessDeniedScreen } from "@/components/states/AccessDeniedScreen";
 import type { DutyWithUser } from "@/types";
 
 export interface CurrentDutyViewProps {
@@ -39,7 +40,7 @@ export interface CurrentDutyViewProps {
   openedFromPin?: boolean;
 }
 
-type ViewState = "loading" | "error" | "ready";
+type ViewState = "loading" | "error" | "accessDenied" | "ready";
 
 /**
  * Full-screen current duty view with Telegram BackButton and auto-updating remaining time.
@@ -53,6 +54,7 @@ export function CurrentDutyView({ onBack, openedFromPin = false }: CurrentDutyVi
   const [state, setState] = useState<ViewState>("loading");
   const [duty, setDuty] = useState<DutyWithUser | null>(null);
   const [errorMessage, setErrorMessage] = useState<string | null>(null);
+  const [accessDeniedDetail, setAccessDeniedDetail] = useState<string | null>(null);
   const [remaining, setRemaining] = useState<{ hours: number; minutes: number } | null>(null);
 
   const loadTodayDuties = useCallback(
@@ -74,14 +76,17 @@ export function CurrentDutyView({ onBack, openedFromPin = false }: CurrentDutyVi
         }
       } catch (e) {
         if (signal?.aborted) return;
-        setState("error");
+        if (e instanceof AccessDeniedError) {
-        const msg =
+          setState("accessDenied");
-          e instanceof AccessDeniedError && e.serverDetail
+          setAccessDeniedDetail(e.serverDetail ?? null);
-            ? e.serverDetail
+          setDuty(null);
-            : t("error_generic");
+          setRemaining(null);
-        setErrorMessage(msg);
+        } else {
-        setDuty(null);
+          setState("error");
-        setRemaining(null);
+          setErrorMessage(t("error_generic"));
+          setDuty(null);
+          setRemaining(null);
+        }
       }
     },
     [initDataRaw, lang, t]
@@ -195,6 +200,17 @@ export function CurrentDutyView({ onBack, openedFromPin = false }: CurrentDutyVi
     );
   }
 
+  if (state === "accessDenied") {
+    return (
+      <AccessDeniedScreen
+        serverDetail={accessDeniedDetail}
+        primaryAction="back"
+        onBack={handlePrimaryAction}
+        openedFromPin={openedFromPin}
+      />
+    );
+  }
+
   if (state === "error") {
     const handleRetry = () => {
       setState("loading");

webapp-next/src/components/day-detail/DayDetail.tsx

@@ -207,8 +207,10 @@ export const DayDetail = React.forwardRef<DayDetailHandle, DayDetailProps>(
           "rounded-t-2xl pt-3 pb-[calc(24px+env(safe-area-inset-bottom,0px))] max-h-[70vh] bg-[var(--surface)]",
           className
         )}
+        overlayClassName="backdrop-blur-md"
         showCloseButton={false}
         onCloseAnimationEnd={handleClose}
+        onOpenAutoFocus={(e) => e.preventDefault()}
       >
         <div className="relative px-4">
           {closeButton}

webapp-next/src/components/states/AccessDenied.test.tsx

@@ -1,24 +0,0 @@
-/**
- * Unit tests for AccessDenied. Ported from webapp/js/ui.test.js showAccessDenied.
- */
-
-import { describe, it, expect, beforeEach } from "vitest";
-import { render, screen } from "@testing-library/react";
-import { AccessDenied } from "./AccessDenied";
-import { resetAppStore } from "@/test/test-utils";
-
-describe("AccessDenied", () => {
-  beforeEach(() => {
-    resetAppStore();
-  });
-
-  it("renders translated access denied message", () => {
-    render(<AccessDenied serverDetail={null} />);
-    expect(screen.getByText(/Access denied|Доступ запрещён/i)).toBeInTheDocument();
-  });
-
-  it("appends serverDetail when provided", () => {
-    render(<AccessDenied serverDetail="Custom 403 message" />);
-    expect(screen.getByText("Custom 403 message")).toBeInTheDocument();
-  });
-});

webapp-next/src/components/states/AccessDenied.tsx

@@ -1,46 +0,0 @@
-/**
- * Access denied state: message and optional server detail.
- * Ported from webapp/js/ui.js showAccessDenied and states.css .access-denied.
- */
-
-"use client";
-
-import { useTranslation } from "@/i18n/use-translation";
-import { cn } from "@/lib/utils";
-
-export interface AccessDeniedProps {
-  /** Optional detail from API 403 response, shown below the main message. */
-  serverDetail?: string | null;
-  /** Optional class for the container. */
-  className?: string;
-}
-
-/**
- * Displays access denied message; optional second paragraph for server detail.
- */
-export function AccessDenied({ serverDetail, className }: AccessDeniedProps) {
-  const { t } = useTranslation();
-  const hasDetail = Boolean(serverDetail && String(serverDetail).trim());
-
-  return (
-    <div
-      className={cn(
-        "rounded-xl bg-surface py-6 px-4 my-3 text-center text-muted-foreground shadow-sm transition-opacity duration-200",
-        className
-      )}
-      role="alert"
-    >
-      <p className="m-0 mb-2 font-semibold text-error">
-        {t("access_denied")}
-      </p>
-      {hasDetail && (
-        <p className="mt-2 m-0 text-sm text-muted">
-          {serverDetail}
-        </p>
-      )}
-      <p className="mt-2 m-0 text-sm text-muted">
-        {t("access_denied.hint")}
-      </p>
-    </div>
-  );
-}

webapp-next/src/components/states/AccessDeniedScreen.test.tsx

@@ -0,0 +1,74 @@
+/**
+ * Unit tests for AccessDeniedScreen: full-screen access denied, reload and back modes.
+ */
+
+import { describe, it, expect, beforeEach, vi } from "vitest";
+import { render, screen, fireEvent } from "@testing-library/react";
+import { AccessDeniedScreen } from "./AccessDeniedScreen";
+import { resetAppStore } from "@/test/test-utils";
+
+describe("AccessDeniedScreen", () => {
+  beforeEach(() => {
+    resetAppStore();
+  });
+
+  it("renders translated access denied title and hint", () => {
+    render(<AccessDeniedScreen primaryAction="reload" />);
+    expect(screen.getByText(/Access denied|Доступ запрещён/i)).toBeInTheDocument();
+    expect(
+      screen.getByText(/Open the app again from Telegram|Откройте приложение снова из Telegram/i)
+    ).toBeInTheDocument();
+  });
+
+  it("shows serverDetail when provided", () => {
+    render(
+      <AccessDeniedScreen primaryAction="reload" serverDetail="Custom 403 message" />
+    );
+    expect(screen.getByText("Custom 403 message")).toBeInTheDocument();
+  });
+
+  it("reload mode shows Reload button", () => {
+    render(<AccessDeniedScreen primaryAction="reload" />);
+    const button = screen.getByRole("button", { name: /Reload|Обновить/i });
+    expect(button).toBeInTheDocument();
+    const reloadFn = vi.fn();
+    Object.defineProperty(window, "location", {
+      value: { ...window.location, reload: reloadFn },
+      writable: true,
+    });
+    fireEvent.click(button);
+    expect(reloadFn).toHaveBeenCalled();
+  });
+
+  it("back mode shows Back to calendar and calls onBack on click", () => {
+    const onBack = vi.fn();
+    render(
+      <AccessDeniedScreen
+        primaryAction="back"
+        onBack={onBack}
+        openedFromPin={false}
+      />
+    );
+    const button = screen.getByRole("button", {
+      name: /Back to calendar|Назад к календарю/i,
+    });
+    expect(button).toBeInTheDocument();
+    fireEvent.click(button);
+    expect(onBack).toHaveBeenCalled();
+  });
+
+  it("back mode with openedFromPin shows Close button", () => {
+    const onBack = vi.fn();
+    render(
+      <AccessDeniedScreen
+        primaryAction="back"
+        onBack={onBack}
+        openedFromPin={true}
+      />
+    );
+    const button = screen.getByRole("button", { name: /Close|Закрыть/i });
+    expect(button).toBeInTheDocument();
+    fireEvent.click(button);
+    expect(onBack).toHaveBeenCalled();
+  });
+});

webapp-next/src/components/states/AccessDeniedScreen.tsx

@@ -0,0 +1,84 @@
+/**
+ * Full-screen access denied view. Used when the user is not allowed (no initData / not localhost)
+ * or when API returns 403. Matches global-error and not-found layout: no extra chrome, one action.
+ */
+
+"use client";
+
+import { useEffect } from "react";
+import { getLang, translate } from "@/i18n/messages";
+import { useAppStore } from "@/store/app-store";
+
+export interface AccessDeniedScreenProps {
+  /** Optional detail from API 403 response, shown below the hint. */
+  serverDetail?: string | null;
+  /** Primary button: reload (main page) or back/close (deep link). */
+  primaryAction: "reload" | "back";
+  /** Called when primaryAction is "back" (e.g. Back to calendar or Close). */
+  onBack?: () => void;
+  /** When true and primaryAction is "back", button label is "Close" instead of "Back to calendar". */
+  openedFromPin?: boolean;
+}
+
+/**
+ * Full-screen access denied: title, hint, optional server detail, single action button.
+ * Calls setAppContentReady(true) on mount so Telegram receives ready().
+ */
+export function AccessDeniedScreen({
+  serverDetail,
+  primaryAction,
+  onBack,
+  openedFromPin = false,
+}: AccessDeniedScreenProps) {
+  const lang = getLang();
+  const setAppContentReady = useAppStore((s) => s.setAppContentReady);
+
+  useEffect(() => {
+    setAppContentReady(true);
+  }, [setAppContentReady]);
+
+  const hasDetail = Boolean(serverDetail && String(serverDetail).trim());
+
+  const handleClick = () => {
+    if (primaryAction === "reload") {
+      if (typeof window !== "undefined") {
+        window.location.reload();
+      }
+    } else {
+      onBack?.();
+    }
+  };
+
+  const buttonLabel =
+    primaryAction === "reload"
+      ? translate(lang, "access_denied.reload")
+      : openedFromPin
+        ? translate(lang, "current_duty.close")
+        : translate(lang, "current_duty.back");
+
+  return (
+    <div
+      className="flex min-h-screen flex-col items-center justify-center gap-4 bg-background px-4 text-foreground"
+      role="alert"
+    >
+      <h1 className="text-xl font-semibold">
+        {translate(lang, "access_denied")}
+      </h1>
+      <p className="text-center text-muted-foreground">
+        {translate(lang, "access_denied.hint")}
+      </p>
+      {hasDetail && (
+        <p className="text-center text-sm text-muted-foreground">
+          {serverDetail}
+        </p>
+      )}
+      <button
+        type="button"
+        onClick={handleClick}
+        className="rounded-lg bg-primary px-4 py-2 text-primary-foreground hover:bg-primary/90"
+      >
+        {buttonLabel}
+      </button>
+    </div>
+  );
+}

webapp-next/src/components/states/index.ts

@@ -4,4 +4,4 @@
 
 export { LoadingState } from "./LoadingState";
 export { ErrorState } from "./ErrorState";
-export { AccessDenied } from "./AccessDenied";
+export { AccessDeniedScreen } from "./AccessDeniedScreen";

webapp-next/src/components/ui/sheet.tsx

@@ -53,12 +53,15 @@ function SheetContent({
   showCloseButton = true,
   onCloseAnimationEnd,
   onAnimationEnd,
+  overlayClassName,
   ...props
 }: React.ComponentProps<typeof SheetPrimitive.Content> & {
   side?: "top" | "right" | "bottom" | "left"
   showCloseButton?: boolean
   /** When provided, content and overlay stay mounted until close animation ends (forceMount). */
   onCloseAnimationEnd?: () => void
+  /** Optional class name applied to the overlay (e.g. backdrop-blur-md). */
+  overlayClassName?: string
 }) {
   const useForceMount = Boolean(onCloseAnimationEnd)
 
@@ -74,7 +77,10 @@ function SheetContent({
 
   return (
     <SheetPortal>
-      <SheetOverlay forceMount={useForceMount ? true : undefined} />
+      <SheetOverlay
+        forceMount={useForceMount ? true : undefined}
+        className={overlayClassName}
+      />
       <SheetPrimitive.Content
         data-slot="sheet-content"
         forceMount={useForceMount ? true : undefined}

webapp-next/src/i18n/messages.ts

@@ -81,6 +81,7 @@ export const MESSAGES: Record<Lang, Record<string, string>> = {
     "not_found.description": "The page you are looking for does not exist.",
     "not_found.open_calendar": "Open calendar",
     "access_denied.hint": "Open the app again from Telegram.",
+    "access_denied.reload": "Reload",
   },
   ru: {
     "app.title": "Календарь дежурств",
@@ -157,6 +158,7 @@ export const MESSAGES: Record<Lang, Record<string, string>> = {
     "not_found.description": "Запрашиваемая страница не существует.",
     "not_found.open_calendar": "Открыть календарь",
     "access_denied.hint": "Откройте приложение снова из Telegram.",
+    "access_denied.reload": "Обновить",
   },
 };
 

webapp-next/src/store/app-store.ts

@@ -24,7 +24,7 @@ export interface AppState {
   loading: boolean;
   error: string | null;
   accessDenied: boolean;
-  /** Server detail from API 403 response; shown in AccessDenied component. */
+  /** Server detail from API 403 response; shown in AccessDeniedScreen. */
   accessDeniedDetail: string | null;
   currentView: CurrentView;
   selectedDay: string | null;