diff --git a/kallithea/lib/auth_modules/__init__.py b/kallithea/lib/auth_modules/__init__.py
--- a/kallithea/lib/auth_modules/__init__.py
+++ b/kallithea/lib/auth_modules/__init__.py
@@ -288,7 +288,6 @@ class KallitheaExternalAuthPlugin(Kallit
                 extern_name=user_data["extern_name"],
                 extern_type=self.name
             )
-            Session().flush()
             # enforce user is just in given groups, all of them has to be ones
             # created from plugins. We store this info in _group_data JSON field
             groups = user_data['groups'] or []
diff --git a/kallithea/model/gist.py b/kallithea/model/gist.py
--- a/kallithea/model/gist.py
+++ b/kallithea/model/gist.py
@@ -122,7 +122,7 @@ class GistModel(BaseModel):
         gist.gist_expires = gist_expires
         gist.gist_type = safe_unicode(gist_type)
         self.sa.add(gist)
-        self.sa.flush()
+        self.sa.flush() # make database assign gist.gist_id
         if gist_type == Gist.GIST_PUBLIC:
             # use DB ID for easy to use GIST ID
             gist_id = safe_unicode(gist.gist_id)
@@ -211,8 +211,6 @@ class GistModel(BaseModel):
         gist.gist_expires = gist_expires
         gist.owner = owner
         gist.gist_type = gist_type
-        self.sa.add(gist)
-        self.sa.flush()
 
         message = 'updated file'
         message += 's: ' if len(gist_mapping) > 1 else ': '
diff --git a/kallithea/model/user.py b/kallithea/model/user.py
--- a/kallithea/model/user.py
+++ b/kallithea/model/user.py
@@ -92,7 +92,8 @@ class UserModel(BaseModel):
             setattr(new_user, k, v)
 
         new_user.api_key = generate_api_key()
-        self.sa.add(new_user)
+        Session().add(new_user)
+        Session().flush() # make database assign new_user.user_id
 
         log_create_user(new_user.get_dict(), cur_user)
         return new_user
@@ -164,10 +165,13 @@ class UserModel(BaseModel):
                 new_user.password = get_crypt_password(password) \
                     if password else ''
 
-            self.sa.add(new_user)
+            if user is None:
+                Session().add(new_user)
+                Session().flush() # make database assign new_user.user_id
 
             if not edit:
                 log_create_user(new_user.get_dict(), cur_user)
+
             return new_user
         except (DatabaseError,):
             log.error(traceback.format_exc())
@@ -182,9 +186,6 @@ class UserModel(BaseModel):
         form_data['extern_name'] = ''
         new_user = self.create(form_data)
 
-        self.sa.add(new_user)
-        self.sa.flush()
-
         # notification to admins
         subject = _('New user registration')
         body = (
diff --git a/kallithea/model/user_group.py b/kallithea/model/user_group.py
--- a/kallithea/model/user_group.py
+++ b/kallithea/model/user_group.py
@@ -132,18 +132,19 @@ class UserGroupModel(BaseModel):
 
             for k, v in form_data.items():
                 if k == 'users_group_members':
-                    user_group.members = []
-                    self.sa.flush()
                     members_list = []
                     if v:
                         v = [v] if isinstance(v, basestring) else v
                         for u_id in set(v):
                             member = UserGroupMember(user_group.users_group_id, u_id)
                             members_list.append(member)
-                    setattr(user_group, 'members', members_list)
+                            self.sa.add(member)
+                    user_group.members = members_list
                 setattr(user_group, k, v)
 
-            self.sa.add(user_group)
+            # Flush to make db assign users_group_member_id to newly
+            # created UserGroupMembers.
+            self.sa.flush()
         except Exception:
             log.error(traceback.format_exc())
             raise
diff --git a/kallithea/tests/models/test_settings.py b/kallithea/tests/models/test_settings.py
--- a/kallithea/tests/models/test_settings.py
+++ b/kallithea/tests/models/test_settings.py
@@ -7,7 +7,7 @@ name = 'spam-setting-name'
 def test_passing_list_setting_value_results_in_string_valued_setting():
     assert Setting.get_by_name(name) is None
     setting = Setting.create_or_update(name, ['spam', 'eggs'])
-    Session().flush()
+    Session().flush() # must flush so we can delete it below
     try:
         assert Setting.get_by_name(name) is not None
         # Quirk: list value is stringified.
@@ -16,23 +16,21 @@ def test_passing_list_setting_value_resu
         assert Setting.get_by_name(name).app_settings_type == 'unicode'
     finally:
         Session().delete(setting)
-        Session().flush()
 
 def test_list_valued_setting_creation_requires_manual_value_formatting():
     assert Setting.get_by_name(name) is None
     # Quirk: need manual formatting of list setting value.
     setting = Setting.create_or_update(name, 'spam,eggs', type='list')
-    Session().flush()
+    Session().flush() # must flush so we can delete it below
     try:
         assert setting.app_settings_value == ['spam', 'eggs']
     finally:
         Session().delete(setting)
-        Session().flush()
 
 def test_list_valued_setting_update():
     assert Setting.get_by_name(name) is None
     setting = Setting.create_or_update(name, 'spam', type='list')
-    Session().flush()
+    Session().flush() # must flush so we can delete it below
     try:
         assert setting.app_settings_value == [u'spam']
         # Assign back setting value.
@@ -43,4 +41,3 @@ def test_list_valued_setting_update():
         assert setting.app_settings_value == ["[u\"[u'spam']\"]"]
     finally:
         Session().delete(setting)
-        Session().flush()