The desired functionality of a non-shell-based interface to delete comments, was described in T158 ("Phabricator should let admins delete comments in Maniphest"), and filed/implemented upstream at https://secure.phabricator.com/T4909 (originally titled "Possibility to delete comments in Maniphest")
That upstream task has many useful comments, from @Qgil and @Aklapper, including "no stats, but I guess it happens once or twice a month that I (or other WMF Bugzilla admins) need to hide a comment or hide/delete an attachment."
The ability to delete comments via the web GUI was added, but with a very broad default.
Currently, all users can delete their own comments, via the "Remove Comment" item in the dropdown menu.
There are concerns with this situation:
- "Deletion" does not even really work, because updates are instantly emailed to various addresses and the bug mailing list, and also the first few hundred characters are sent to IRC, so it's a false promise.
- It distances contributors from the expectations of "permanence" which they should have before hitting submit on a wiki-edit or email-send. Some users might be more inclined to write emotional/angry comments, if they believe that the comment can potentially be deleted later (assuming nobody "quotes" it in the meantime).
- It enables easy/thorough infosuicide,(1) which hurts the community permanently. (or creates a lot of work for maintainers to undo the damage). Details at https://secure.phabricator.com/T4909#57227
- All imported bugzilla comments are able to be deleted, E.g. https://bugzillapreview.wmflabs.org/T341#3695
- It enables anyone to (partially/locally) cover up history. (This can create suspicion. "What did she/he write?!").
The only potential benefit, is allowing users to immediately(/partially/locally) cover up mistakes, if they accidentally "saved" very private information. (However, this same accident is possible in email, without any way to undo it at all. Netizens should be used to it.)
The possible solutions are
- Rate limit any comment removal. E.g. 1 per day. (That might be a good temporary solution, if a group-based access is too hard to do soon.)
- Time limit any comment removal. E.g. Only within 1 minute or 1 hour after saving. (Discussed below, as another good temporary solution)
- Usergroup limit to comment removal. (This is the desired feature, with assignable groups (eg. Phab-Admins) as the only users who are able to delete content from local visibility.)