Skip to content

Approve org AI data processing inline during onboarding#2091

Draft
Twixes wants to merge 1 commit intomainfrom
posthog-code/inbox-ai-approval-inline
Draft

Approve org AI data processing inline during onboarding#2091
Twixes wants to merge 1 commit intomainfrom
posthog-code/inbox-ai-approval-inline

Conversation

@Twixes
Copy link
Copy Markdown
Member

@Twixes Twixes commented May 7, 2026

Summary

The AI approval onboarding screen used to dead-end on a button that opened PostHog web, asking the user to flip the org-level "AI data processing approval" toggle there and come back. The user note describes this as painful and easy to abandon, especially because the screen sits between the user and the rest of the app.

The screen now calls PATCH /api/organizations/<id>/ with {is_ai_data_processing_approved: true} directly. The matching backend change (posthog-code/allow-code-app-org-ai-toggle) carves out a narrow exemption for project-scoped OAuth tokens to flip exactly this one field. After the call succeeds we invalidate the useCurrentUser query so the needsAiApproval gate clears automatically and onboarding continues without a refresh.

Robustness

  • Older backend / 403 / network failure → we set fellBackToWeb and render the original "Approve in PostHog" button so the user is never stuck on a non-functional screen.
  • Non-admin user → unchanged; we still show "Ask an organization admin to approve AI data processing."
  • Missing client or org id → the inline path is hidden; we render the web fallback instead.
  • Dismissal / skip → there is no skip button; the existing footer's Log out handles "I want out" without a loop.

Test plan

  • pnpm --filter code typecheck (passes)
  • pnpm lint (passes)
  • pnpm --filter code test (1145 tests passing)
  • Manual: with a project-scoped OAuth token (PostHog Code's normal flow), the inline approve button flips the org toggle and onboarding proceeds without leaving the app.
  • Manual: simulate a 403 from the org PATCH and verify we fall back to "Approve in PostHog" with an explanatory hint.
  • Manual: non-admin user still sees the "ask an admin" copy.

Created with PostHog Code

@Twixes
fix(onboarding): approve org AI data processing inline
93a6280 
The AI approval onboarding screen used to dead-end on a button that
opened PostHog web, asking the user to flip the org-level "AI data
processing approval" toggle there and come back. This is a painful
context switch and easy to abandon, especially since the screen sits
between the user and the rest of the app.

The screen now calls `PATCH /api/organizations/<id>/` with the single
field `is_ai_data_processing_approved: true` directly. The matching
backend change (posthog-code/allow-code-app-org-ai-toggle) carves out
a narrow exemption for project-scoped OAuth tokens to flip exactly
this one field. After the call succeeds we invalidate the
`useCurrentUser` query so the `needsAiApproval` gate clears
automatically and onboarding continues without a refresh.

Robustness:
- If the inline call fails for any reason (older backend without the
  exemption, transient 403, network error), we fall back to the
  original "Approve in PostHog" button so the user is never stuck.
- The screen still sits behind an "isAdmin" check, and dismissal is
  handled by the existing Log out footer, not a skip-and-loop.

Generated-By: PostHog Code
Task-Id: d739b1d2-b053-45ec-967b-5521802d275b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Twixes