From c1583796d311303fd80333eed3d3a2c1d3c2a070 Mon Sep 17 00:00:00 2001
From: Gary Tou
Date: Tue, 21 Oct 2025 23:29:52 -0700
Subject: [PATCH] [OrganizerPositionInvite] Hint when accepting invite with wrong user
---
 .../organizer_position_invites_controller.rb | 7 +++++++
 app/models/user.rb | 14 ++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/app/controllers/organizer_position_invites_controller.rb b/app/controllers/organizer_position_invites_controller.rb
index 8ec207f989..42c774b0bd 100644
--- a/app/controllers/organizer_position_invites_controller.rb
+++ b/app/controllers/organizer_position_invites_controller.rb
@@ -59,6 +59,13 @@ def show
 elsif @invite.rejected?
 redirect_to root_path, flash: { error: "You’ve already rejected this invitation." }
 end
+ rescue Pundit::NotAuthorizedError
+ if @invite.user != current_user
+ flash[:error] = "This invitation was sent to #{@invite.user.redacted_email}, but you are currently logged in as #{current_user.email }."
+ redirect_to root_path and return
+ end
+
+ raise
 end
 def accept
diff --git a/app/models/user.rb b/app/models/user.rb
index a139496105..3731f352b6 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -288,6 +288,20 @@ def initials
 words.any? ? words.map(&:first).join.upcase : name
 end
+ # gary@hackclub.com → g***y@hackclub.com
+ # gt@hackclub.com → g*@hackclub.com
+ # g@hackclub.com → g@hackclub.com
+ def redacted_email
+ handle, domain = email.split("@")
+ redacted_handle =
+ if handle.length <= 2
+ handle[0] + "*" * (handle.length - 1)
+ else
+ "#{handle[0]}***#{handle[-1]}"
+ end
+ "#{redacted_handle}@#{domain}"
+ end
+
 def pretty_phone_number
 Phonelib.parse(self.phone_number).national
 end
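Review bot: In the new `rescue Pundit::NotAuthorizedError` branch of `show` (app/controllers/organizer_position_invites_controller.rb), `current_user.email` is dereferenced without a nil check. If `show` can be reached without a session (not visible in this hunk), the authorization failure becomes a NoMethodError rather than the normal not-authorized handling; `if current_user && @invite.user != current_user` would let that case fall through to the bare `raise`. The branch also shows any signed-in account that reaches the invite URL the invitee's first and last handle characters and full domain, so it is worth confirming that invite identifiers are not guessable. A comment above the rescue, such as `# Deliberately discloses a masked invitee address to the wrong signed-in user`, would record that trade-off. The body of `show` begins outside the hunk.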
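Review bot: `redacted_email` in app/models/user.rb returns a one-character handle unmasked (its own comment documents `g@hackclub.com → g@hackclub.com`), so for such users the controller's flash shows the complete address to a different account. Masking that case too, e.g. `return "*@#{domain}" if handle.length == 1`, closes the gap. `email.split("@")` also assumes a present address with exactly one `@`: a nil email raises NoMethodError and anything after a second `@` is dropped. If the model's validation (not visible here) does not guarantee the format, `handle, _, domain = email.to_s.rpartition("@")` with an early return for an empty handle is a safer split. The header comment could also say that the full domain is kept and that the two-character branch reveals the handle length while the `***` branch hides it.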