fix(pres_mgmt): obscure email in POC + presenter email confirm dialogs

Non-trusted users see joh***@example.com in the confirm() prompt and
button title instead of the full address. Trusted staff see the full
email unchanged. Matches the obscure_email() pattern already used in
ae_comp__badge_obj_li.svelte.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

src/routes/events/[event_id]/(pres_mgmt)/presenter/[presenter_id]/+page.svelte

@@ -184,6 +184,13 @@ let presenter_sign_in_url = $derived((() => {
 // }
 
 // *** Functions and Logic
+
+function obscure_email(email: string | null | undefined): string {
+    if (!email) return '';
+    const at = email.indexOf('@');
+    if (at < 0) return email;
+    return `${email.slice(0, Math.min(3, at))}***${email.slice(at)}`;
+}
 </script>
 
 <svelte:head>
@@ -326,7 +333,10 @@ let presenter_sign_in_url = $derived((() => {
                                     alert('No email address found for this presenter.');
                                     return;
                                 }
-                                if (!confirm(`This will send the sign in email to ${use_email}`)) {
+                                const display_email = $ae_loc.trusted_access
+                                    ? use_email
+                                    : obscure_email(use_email);
+                                if (!confirm(`This will send the sign in email to ${display_email}`)) {
                                     return;
                                 }
 

src/routes/events/[event_id]/(pres_mgmt)/session/[session_id]/ae_comp__session_view.svelte

@@ -191,10 +191,20 @@ $effect(() => {
     }
 });
 
+function obscure_email(email: string | null | undefined): string {
+    if (!email) return '';
+    const at = email.indexOf('@');
+    if (at < 0) return email;
+    return `${email.slice(0, Math.min(3, at))}***${email.slice(at)}`;
+}
+
 async function send_poc_email_link() {
     const sess = $lq__event_session_obj;
     if (!sess?.poc_person_primary_email) return;
-    if (!confirm(`Send sign-in link to ${sess.poc_person_full_name} (${sess.poc_person_primary_email})?`)) return;
+    const display_email = $ae_loc.trusted_access
+        ? sess.poc_person_primary_email
+        : obscure_email(sess.poc_person_primary_email);
+    if (!confirm(`Send sign-in link to ${sess.poc_person_full_name} (${display_email})?`)) return;
     poc_email_status = 'sending';
     try {
         await events_func.email_sign_in__event_session({
@@ -488,7 +498,7 @@ async function send_poc_email_link() {
                                         type="button"
                                         disabled={poc_email_status === 'sending'}
                                         onclick={send_poc_email_link}
-                                        title="Email the sign-in link to {pres_mgmt_loc.current.label__session_poc_name}: {$lq__event_session_obj?.poc_person_full_name} ({$lq__event_session_obj?.poc_person_primary_email})"
+                                        title="Email the sign-in link to {pres_mgmt_loc.current.label__session_poc_name}: {$lq__event_session_obj?.poc_person_full_name} ({$ae_loc.trusted_access ? $lq__event_session_obj?.poc_person_primary_email : obscure_email($lq__event_session_obj?.poc_person_primary_email)})"
                                         class="btn btn-sm preset-outlined-secondary-300-700 transition-all duration-200"
                                         class:preset-tonal-secondary={poc_email_status === 'idle'}
                                         class:preset-tonal-warning={poc_email_status === 'sending'}