diff --git a/rhodecode/apps/repo_group/views/repo_group_permissions.py b/rhodecode/apps/repo_group/views/repo_group_permissions.py
--- a/rhodecode/apps/repo_group/views/repo_group_permissions.py
+++ b/rhodecode/apps/repo_group/views/repo_group_permissions.py
@@ -28,6 +28,7 @@ from rhodecode.lib import helpers as h
 from rhodecode.lib import audit_logger
 from rhodecode.lib.auth import (
     LoginRequired, HasRepoGroupPermissionAnyDecorator, CSRFRequired)
+from rhodecode.model.db import User
 from rhodecode.model.permission import PermissionModel
 from rhodecode.model.repo_group import RepoGroupModel
 from rhodecode.model.forms import RepoGroupPermsForm
@@ -96,7 +97,13 @@ class RepoGroupPermissionsView(RepoGroup
 
         Session().commit()
         h.flash(_('Repository Group permissions updated'), category='success')
-        PermissionModel().flush_user_permission_caches(changes)
+
+        affected_user_ids = None
+        if changes.get('default_user_changed', False):
+            # if we change the default user, we need to flush everyone permissions
+            affected_user_ids = [x.user_id for x in User.get_all()]
+        PermissionModel().flush_user_permission_caches(
+            changes, affected_user_ids=affected_user_ids)
 
         raise HTTPFound(
             h.route_path('edit_repo_group_perms',
diff --git a/rhodecode/apps/repository/views/repo_permissions.py b/rhodecode/apps/repository/views/repo_permissions.py
--- a/rhodecode/apps/repository/views/repo_permissions.py
+++ b/rhodecode/apps/repository/views/repo_permissions.py
@@ -28,6 +28,7 @@ from rhodecode.lib import helpers as h
 from rhodecode.lib import audit_logger
 from rhodecode.lib.auth import (
     LoginRequired, HasRepoPermissionAnyDecorator, CSRFRequired)
+from rhodecode.model.db import User
 from rhodecode.model.forms import RepoPermsForm
 from rhodecode.model.meta import Session
 from rhodecode.model.permission import PermissionModel
@@ -89,7 +90,12 @@ class RepoSettingsPermissionsView(RepoAp
         Session().commit()
         h.flash(_('Repository access permissions updated'), category='success')
 
-        PermissionModel().flush_user_permission_caches(changes)
+        affected_user_ids = None
+        if changes.get('default_user_changed', False):
+            # if we change the default user, we need to flush everyone permissions
+            affected_user_ids = [x.user_id for x in User.get_all()]
+        PermissionModel().flush_user_permission_caches(
+            changes, affected_user_ids=affected_user_ids)
 
         raise HTTPFound(
             h.route_path('edit_repo_perms', repo_name=self.db_repo_name))
diff --git a/rhodecode/model/repo.py b/rhodecode/model/repo.py
--- a/rhodecode/model/repo.py
+++ b/rhodecode/model/repo.py
@@ -619,13 +619,26 @@ class RepoModel(BaseModel):
         changes = {
             'added': [],
             'updated': [],
-            'deleted': []
+            'deleted': [],
+            'default_user_changed': None
         }
+
+        repo = self._get_repo(repo)
+
         # update permissions
         for member_id, perm, member_type in perm_updates:
             member_id = int(member_id)
             if member_type == 'user':
                 member_name = User.get(member_id).username
+                if member_name == User.DEFAULT_USER:
+                    # NOTE(dan): detect if we changed permissions for default user
+                    perm_obj = self.sa.query(UserRepoToPerm) \
+                        .filter(UserRepoToPerm.user_id == member_id) \
+                        .filter(UserRepoToPerm.repository == repo) \
+                        .scalar()
+                    if perm_obj and perm_obj.permission.permission_name != perm:
+                        changes['default_user_changed'] = True
+
                 # this updates also current one if found
                 self.grant_user_permission(
                     repo=repo, user=member_id, perm=perm)
diff --git a/rhodecode/model/repo_group.py b/rhodecode/model/repo_group.py
--- a/rhodecode/model/repo_group.py
+++ b/rhodecode/model/repo_group.py
@@ -353,7 +353,8 @@ class RepoGroupModel(BaseModel):
         changes = {
             'added': [],
             'updated': [],
-            'deleted': []
+            'deleted': [],
+            'default_user_changed': None
         }
 
         def _set_perm_user(obj, user, perm):
@@ -430,6 +431,15 @@ class RepoGroupModel(BaseModel):
                 member_id = int(member_id)
                 if member_type == 'user':
                     member_name = User.get(member_id).username
+                    if isinstance(obj, RepoGroup) and obj == repo_group and member_name == User.DEFAULT_USER:
+                        # NOTE(dan): detect if we changed permissions for default user
+                        perm_obj = self.sa.query(UserRepoGroupToPerm) \
+                            .filter(UserRepoGroupToPerm.user_id == member_id) \
+                            .filter(UserRepoGroupToPerm.group == repo_group) \
+                            .scalar()
+                        if perm_obj and perm_obj.permission.permission_name != perm:
+                            changes['default_user_changed'] = True
+
                     # this updates also current one if found
                     _set_perm_user(obj, user=member_id, perm=perm)
                 elif member_type == 'user_group':