Set a permission for 'regular' users to delete their posts

[Cocam123]

I make this request because some people ask me to delete their own post and so, it would be nice to create a permission so that people with the role 'regular' can delete their own post (admin roles keep the permission to delete others)

I don't know if it's already possible but if it's not yet the case, it could be a good idea

[noirscape]

Wouldn't it be better to add an option to let the uploader/admin of a post "anonymize" their own post instead? (Basically an on edit variation of "Upload anonymously")

Technically an uploaded image is more tied to the site than it is to the submitter.

[Cocam123]

by that, I wasn't really talking about users who upload anonymously but more about people who upload normally

[neobooru]

This has been asked before in #346 and back then sgsunder decided against this feature, with the following reasoning:

Can you describe the use case in more detail? Creating/modifying/curating posts in a booru are usually meant to be a collaborative effort, I don't think it's appropriate for users to end up deleting posts that they created but others have put effort into curating. So it makes sense for users who want to delete self-posts to also have global deletion privileges. But perhaps there's an edge case where this would be appropriate.

I generally speaking agree with him, but I also feel like we should maybe talk about these edge cases. "Officially" it is not allowed on a booru to delete your own post (on most popular boorus it isn't allowed). I personally don't feel like we are forced to stick to the norm, but it's worth noting what is.

Possible solution

A user can only delete their own post if all of the following is true:

1. The post has not been edited by other users.
2. The post has not been interacted with by other users (comment, like, favorite, tagged)
3. Before a certain amount of time has passed

These three points are something I just came up with. Please do tell me for each individual point whether you agree or disagree with it. If someone wants to suggest another criteria then please post it.

Or just add a permission "delete_own_post" and don't overcomplicate things. That would also work.

[Cocam123]

In fact, what I would like is that the image can be deleted by the user as long as no one has interacted with it (my borru is quite precise and sending an image that would be forbidden can happen)

That's why I'm asking this because I think I'm not the only one in this case.

If not, is there a doc that explains clearly where and how to create/use them? (Honestly it's one of the things I haven't mastered yet)

[ninjazan420]

So it makes sense for users who want to delete self-posts to also have global deletion privileges.

No. IF the user wants to delete its own post, why should he be allowed to delete others? Doesn't make sense.

Can you describe the use case in more detail?

Within the EU for example, people must be allowed to get the power to not just 'mask' their posts as an anonymous post, but delete them completely *by their own. Same for the account: the user must have the power to completely their accounts, without interaction from an admin.

The post has not been edited by other users.

Why?

The post has not been interacted with by other users (comment, like, favorite, tagged)

Why?

Before a certain amount of time has passed

Why?

It just doesn't make sense to me to give other users so much power over my upload. Lets say I've commited an upload and for reason xy I don't wanna have it on that page, why should other users have the power by just upvoting my upload to block me from delete my own creation?

Yes, it IS sad if I've faved something and it's permanently gone after someone deleted his post, but the owner should be able to decide, if his upload stays on the page or not, not the community.

[noirscape]

@neobooru - I do like that idea.

-- @ninjasan420

No. IF the user wants to delete its own post, why should he be allowed to delete others? Doesn't make sense.

Because posts are considered associated with the booru site not with the user. I get the confusion, especially when szuru is mostly used for private boorus/art galleries from artists, but at it's core, the uploaded post as a "thing" is something on the site. The user uploading it is really a side-factor to preserving the posts. The only one who has sway on what gets kept on a booru is the artist who made the original piece (using tools such as the DMCA and their own copyright over the image).

Within the EU for example, people must be allowed to get the power to not just 'mask' their posts as an anonymous post, but delete them completely *by their own. Same for the account: the user must have the power to completely their accounts, without interaction from an admin.

Tell me you don't understand how the GDPR works without telling me you don't understand how the GDPR works. (That said, IANAL). The GDPR only really demands that you remove any PII attached to User Generated Content. In addition, this process is deliberately not required to be an automated one. A lot of sites have taken to automating this because frankly, it's a hassle, but the only thing you're required to actually have is a contact point to remove PII.

Uploads to a booru site don't fall under PII, they fall under UGC that the site has a "legitimate interest" to keep (which means it'd be preserved even on a GDPR interest). Furthermore, the only functionality that would be a "required nice to have" for the GDPR is the option to anonymize/hide the uploader on a post after it has been submitted.

It just doesn't make sense to me to give other users so much power over my upload. Lets say I've commited an upload and for reason xy I don't wanna have it on that page, why should other users have the power by just upvoting my upload to block me from delete my own creation? Yes, it IS sad if I've faved something and it's permanently gone after someone deleted his post, but the owner should be able to decide, if his upload stays on the page or not, not the community.

Posts (or to be precise their metadata) don't belong to the user, they belong to the community. The moment you uploaded it, it stopped being anything related to you but a passing mention on a booru site as an uploader. I think that's the fundamental thing you don't seem to understand here.

Imagine making a Wikipedia page, but after a week you decide it was a bad idea to do so, so now you want it removed. It doesn't work like that; other people edited that page in the meantime, the page stopped belonging to you the moment you created it.