Just an idea, have you checked using the Security Query Tool in CMC? Maybe there is a right set somewhere that you just do not see in the user security options as it inherits from somewhere else. This tool is quite handy when used in the proper way. Or use the BIST to check the same.

I also notices when playing around with right settings, that sometimes it is good to relogon the tested user, sometimes some rights only apply when you reinitialize the session. it can indeed by quite an effort to test rights ...

Did you try

well here is my enhancement request: https://influence.sap.com/sap/ino/#/idea/266765

Well please put in the documentation that delete does not delete and hide does not hide !

thank you for your thoughts and tips: I don't know if I am allowed to cite kb content but i think there is something gone mad:

Symptom

• Denying Hide comments -BI Commentary access rights to a user on a Web Intelligence document means that the user cannot use the Delete Comment icon in a Web Intelligence document.
• Granting Hide comments -BI Commentary access rights to a user on a Web Intelligence document while denying Delete comments -BI Commentary access rights means that the user can use the Delete Comment icon in a Web Intelligence document.
• What does Delete comments in the Web Intelligence interface really mean in current product design?

Resolution

• The behavior is BY DESIGN.
• Currently the Delete Comment icon works like a Hide comment action. After clicking the Delete Comment icon, you can check the Commentary database. In the COMMENTARY_MASTER table, the row of that comment is still existing. However, the column Hidden value is updated to 1 which means that it is hidden.
• BI Commentary is a feature newly implemented in version BI 4.2. This feature is still being enriched and optimized, i.e. it is an ONGOING process.
  In the current version, even though the actual behavior of Delete Comment icon is only hiding the comment in Web Intelligence, for the better understanding of the real end user, this icon was named Delete Comment. (Note that in current version, there is no interface in Web Intelligence to let the user revert hidden comments.)
  Also, there is no interface in Web Intelligence to allow user to really delete a comment. This means that the access rights Delete comments -BI Commentary is not useful for the end users in the current BI 4.2 version.

You can raise an Enhancement Request for this commentary topic. To learn more about this process, please refer to KBA

1515837 - How To: Enhancement Request Process using Idea Place

Still wondering how complex this gets - Comments and Bi Comments that the user created or owns .. which for what - and it seems the User who comments first gives a basic right or denies rights for the report for other user commenting ... gets more and more confusing...

wobi

Another Question - since we work with ACL here - we apply them to folders, groups, applications...

which would be the best place to use the allow deletion of bi-commentary feature - on folders, on user-groups (everyone! in this case) or webi-application? Mark, that it is not denied anywhere in my original layout, so I am still confused about the user complaining that he can't delete comments -when he and me should be able to do so .... weird...

Wobi

Yes - at first i deactivated there, to simulate the user situation - then tried to reactivate - but it never came back. Only member of admin group can now delete - regardless how often I try to enable deletion of Bi Commentary - by applying the standard rules - one granted should beat the non granted - which is the standard in my system - but it seems the denied feature is more resistant ... resistance is futile!

So I have to do trials till it works ?

Wobi