WordPress: delete custom post in frontend with custom user role not working

I am building a custom frontend where custom role members (created with User Role Editor) can add and edit spots.

“Spots” are a custom post type registered like this:

 register_post_type('spot',
   array(
       'labels'          => array( ... ),
       'supports'        => array('title', 'thumbnail', 'revisions'),
       'public'          => true,
       'has_archive'     => true,
       'capability_type' => array('spot', 'spots'),
       'map_meta_cap'    => true,
    )
  );

Now adding and editing these spots works great, but I fail to create a delete link like this:

echo '<a href="'. get_delete_post_link($post->ID) .'">Delete</a>';

This doesn’t echo anything at all unless I am logged in as admin, in which case it works as intended.

I have tried to look into this with current_user_can() with these results:

get_current_user_id() == $post->post_author => true
current_user_can( 'delete_posts', $post->ID ) => true
current_user_can( 'delete_post', $post->ID )  => false
current_user_can( 'delete_spots', $post->ID ) => true
current_user_can( 'delete_spot', $post->ID )  => false

I assume the singular version is correct and that failing the check where my problem lies. But should I query for delete_post or delete_spot?

I am editing the member capabilities with User Role Editor as well and have added both delete_posts and delete_spots capabilities to the role. Other capabilities such as upload_files can be granted and revoked correctly through the interface.

I have to add that I am prohibiting members to access /wp-admin using the User Registration plugin. While lifting the restriction does not make the delete link appear, I have read elsewhere that prohibiting backend access also makes the delete link dysfunctional, as it depends on /wp-admin access. Not sure if this would be true if I could make it appear.

What I’m looking for:

  1. Help with the syntax and some more detailed way to investigate member capabilities. I cannot rule out that I have introduced some permission conflict for the role by trying out different user registration plugins. E.g. where are capabilities stored in the DB and are they human readable?

  2. Another way to make a delete link (perhaps using AJAX?). Not sure if this would work if the proper capability is missing, but if get_delete_post_link() is not compatible with restricting the backend than I would need a different method anyway.

Thank you!