diff --git a/scm-core/src/main/java/sonia/scm/security/AuthorizationChangedEvent.java b/scm-core/src/main/java/sonia/scm/security/AuthorizationChangedEvent.java
index 627bc11658..b4eb524669 100644
--- a/scm-core/src/main/java/sonia/scm/security/AuthorizationChangedEvent.java
+++ b/scm-core/src/main/java/sonia/scm/security/AuthorizationChangedEvent.java
@@ -48,7 +48,7 @@ public final class AuthorizationChangedEvent {
    * @return {@code true} if every user is affected
    */
   public boolean isEveryUserAffected(){
-    return nameOfAffectedUser != null;
+    return nameOfAffectedUser == null;
   }
   
   /**
diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryImportResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryImportResource.java
index 22df01d746..145dc7288c 100644
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryImportResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryImportResource.java
@@ -36,6 +36,7 @@ import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.Setter;
+import org.apache.shiro.SecurityUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import sonia.scm.HandlerEventType;
@@ -46,6 +47,7 @@ import sonia.scm.repository.Repository;
 import sonia.scm.repository.RepositoryHandler;
 import sonia.scm.repository.RepositoryImportEvent;
 import sonia.scm.repository.RepositoryManager;
+import sonia.scm.repository.RepositoryPermission;
 import sonia.scm.repository.RepositoryPermissions;
 import sonia.scm.repository.RepositoryType;
 import sonia.scm.repository.api.Command;
@@ -69,6 +71,7 @@ import java.util.function.Consumer;
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
+import static java.util.Collections.singletonList;
 
 public class RepositoryImportResource {
 
@@ -215,6 +218,8 @@ public class RepositoryImportResource {
     logger.info("start {} import for external url {}", type, request.getImportUrl());
 
     Repository repository = new Repository(null, type, request.getNamespace(), request.getName());
+    repository.setPermissions(singletonList(new RepositoryPermission(SecurityUtils.getSubject().getPrincipal().toString(), "OWNER", false)));
+
     try {
       repository = manager.create(
         repository,
diff --git a/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java b/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java
index f188963ade..0205278f06 100644
--- a/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java
+++ b/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryManager.java
@@ -41,6 +41,8 @@ import sonia.scm.NotFoundException;
 import sonia.scm.SCMContextProvider;
 import sonia.scm.Type;
 import sonia.scm.config.ScmConfiguration;
+import sonia.scm.event.ScmEventBus;
+import sonia.scm.security.AuthorizationChangedEvent;
 import sonia.scm.security.KeyGenerator;
 import sonia.scm.util.AssertUtil;
 import sonia.scm.util.CollectionAppender;
@@ -147,13 +149,14 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager {
         if (initRepository) {
           try {
             getHandler(newRepository).create(newRepository);
+            invalidateRepositoryPermissions();
             afterCreation.accept(newRepository);
-            //TODO check if this is okay
           } catch (Exception e) {
             delete(repository);
             throw e;
           }
         } else {
+          invalidateRepositoryPermissions();
           afterCreation.accept(newRepository);
         }
         fireEvent(HandlerEventType.CREATE, newRepository);
@@ -166,6 +169,10 @@ public class DefaultRepositoryManager extends AbstractRepositoryManager {
     );
   }
 
+  private void invalidateRepositoryPermissions() {
+    ScmEventBus.getInstance().post(AuthorizationChangedEvent.createForEveryUser());
+  }
+
   @Override
   public void delete(Repository repository) {
     logger.info("delete repository {}/{} of type {}", repository.getNamespace(), repository.getName(), repository.getType());
diff --git a/scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java b/scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java
index 14b040a1a3..3cada06d2c 100644
--- a/scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java
@@ -298,9 +298,9 @@ public class DefaultAuthorizationCollector implements AuthorizationCollector
   @Subscribe(async = false)
   public void invalidateCache(AuthorizationChangedEvent event) {
     if (event.isEveryUserAffected()) {
-      invalidateUserCache(event.getNameOfAffectedUser());
-    } else {
       invalidateCache();
+    } else {
+      invalidateUserCache(event.getNameOfAffectedUser());
     }
   }