Allow a signed-out user to delete own location/review

[taitems]

In my creation/testing process I created an item while not signed in, and missing data.

• I cannot delete an item while signed out, even if I made it
• I cannot delete my own item while signed in

Workaround is to report and flag for deletion in the comments.

UX Tenet: Give users the ability to quickly rectify errors and reduce the interaction cost in doing so

[wbazant]

Thanks, that's a sensible enhancement suggestion! We let signed in users delete their reviews, and #369 asks for deleting locations that weren't edited yet. Not sure right now how to provide this ability for someone who didn't sign in.

[ezwelty]

I cannot delete an item while signed out, even if I made it

@taitems I suppose we could record remote IP or device MAC address and use that as a proxy for user id if the user is not logged in, but that would mean that "anonymous" mode is not very anonymous, and it would have strange results on shared devices or IPs (all users of the device would be treated as the same person when using Falling Fruit while signed out).

I cannot delete my own item while signed in

As @wbazant pointed out, there is a proposal for this in the special case of the location not yet having been reviewed or edited by another user (#369). This is tricky because Falling Fruit allows locations to be edited (not just reviewed) by everyone, not just their original creator. We can debate whether this is a wise decision.

[taitems]

I think the use case is that you made an error and want to correct it within a certain window. If your IP or MAC address has churned after a certain amount of time, then that's okay. It's a fair expectation that you should no longer be able to edit it.

In terms of the how, you could probably issue each user a JWT regardless of whether they're signed in or not and that the users JWT could be sent with each request. Alternatively something like fingerprint.js although from memory that's a very exxy service.

[wbazant]

I'm thinking, tracking users who didn't make accounts seems difficult and a bit needless, and a better strategic direction would be to encourage users into making accounts. Not sure how to promise that 'you'll be able to delete a location you've made in error yourself instead of having to make a report' but we can communicate that an account opts the user into a better experience - see #642.

I propose we close this for now - feel free to reopen the issue any time.