diff --git a/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java b/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
index 22b3cd1e2c..faa25d7817 100644
--- a/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
@@ -68,15 +68,15 @@ public class PermissionAssigner {
     Collection<PermissionDescriptor> availablePermissions = this.getAvailablePermissions();
 
     permissions.stream()
-      .filter(permissionExists(availablePermissions))
+      .filter(permissionExists(availablePermissions, existingPermissions))
       .map(p -> new AssignedPermission(id, groupPermission, p))
       .filter(p -> !existingPermissions.contains(p))
       .forEach(securitySystem::addPermission);
   }
 
-  private Predicate<PermissionDescriptor> permissionExists(Collection<PermissionDescriptor> availablePermissions) {
+  private Predicate<PermissionDescriptor> permissionExists(Collection<PermissionDescriptor> availablePermissions, Collection<AssignedPermission> existingPermissions) {
     return p -> {
-      if (!availablePermissions.contains(p)) {
+      if (!availablePermissions.contains(p) && existingPermissions.stream().map(AssignedPermission::getPermission).noneMatch(e -> e.equals(p))) {
         throw NotFoundException.notFound(ContextEntry.ContextBuilder.entity("permission", p.getValue()));
       }
       return true;
diff --git a/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java b/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
index 8ab2ef8c8e..366c16f6b8 100644
--- a/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
@@ -100,6 +100,13 @@ public class PermissionAssignerTest {
   @Test
   public void shouldFailForNotExistingPermissions() {
     expectedException.expect(NotFoundException.class);
-    permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:5"), new PermissionDescriptor("perm:read:4")));
+    permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:4"), new PermissionDescriptor("perm:read:5")));
+  }
+
+  @Test
+  public void shouldAcceptNotExistingPermissionsWhenTheyWereAssignedBefore() {
+    securitySystem.addPermission(new AssignedPermission("2", "perm:read:5"));
+
+    permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:5")));
   }
 }