Merge 9a9257c2be into 27756c9fdf

When the MSC is enabled, do not reject all events with a state_key
beginning with @ but not equal to the sender, as that overrides the
desired rule to allow the state key to have an optional suffix.

synapse/event_auth.py

@@ -808,11 +808,12 @@ def get_send_level(
 def _can_send_event(event: "EventBase", auth_events: StateMap["EventBase"]) -> bool:
     power_levels_event = get_power_level_event(auth_events)
 
+    uses_owned_state_events = event.room_version is RoomVersions.MSC3779v10
     send_level = get_send_level(
         event.type,
         event.get("state_key"),
         power_levels_event,
-        event.user_id if event.room_version is RoomVersions.MSC3779v10 else None,
+        event.user_id if uses_owned_state_events else None,
     )
     user_level = get_user_power_level(event.user_id, auth_events)
 
@@ -826,7 +827,7 @@ def _can_send_event(event: "EventBase", auth_events: StateMap["EventBase"]) -> b
 
     # Check state_key
     if hasattr(event, "state_key"):
-        if event.state_key.startswith("@"):
+        if not uses_owned_state_events and event.state_key.startswith("@"):
             if event.state_key != event.user_id:
                 raise AuthError(403, "You are not allowed to set others state")