@henning-gerhardt thanks a lot for the remarks!

1. It is possible to de-assign all clients from an import configuration. This import configuration becomes invisible but is still existing. Without manipulating the database table it is not possible anymore to interact with this hidden import configuration. In my opinion at least one client should be assigned to an import configuration.

Thanks for pointing this out. Indeed, it would become difficult to re-assign an import configuration that is not assigned to any client anymore. I see two ways to approach this:

• either add a special permission/authority that allows users to see all import configurations, no matter to which client(s) they are assigned. This way an "System admin" could be defined that can configure import configurations system wide without any client restrictions
• or add some frontend logic that disables an item in the client list when it is the last selected item, to prevent the situation you described, where an import configuration isn't assigned to any client anymore. This approach would have to take into account that a user might only be assigned to some clients (not all of them) and an import configuration might still be assigned to a client to which the user is not assigned; this could also be validated when saving an import configuration.

What would be the better solution? Or do you have an alternative idea how to resolve this issue?

2. If you have at least two clients Client_A and Client_B. You logged in in Client_A and de-assign an import configuration from Client_A so this import configuration should only assigned to Client_B, the import configuration is still visible while logged in in Client_A (even after re-log in). This behaviour is different to all the other client-depending relations like projects, process templates, workflows, ... Should this be the case?

This indeed sounds like a bug, e.g. wasn't intended. I will try to find the cause for this issue and resolve it. I got this wrong. I programmed it deliberately like this, but didn't realize the other object types you mentioned - project, template etc. - behaved differently. I guess if we can solve the first point you raised it shouldn't be a problem to only show those import configurations that are assigned to the current client and bring the functionality more in line with the rest of the system.

I would go for the first option (special authority to "see" all available clients) even this behaviour is different then an other places like projects, process templates, ... but I think that sharing import configurations is more common than sharing projects, process templates, ... between clients.

After a discussion between @solth and @henning-gerhardt we come to the following solution:

• adding a new permission/authority to see all clients inside the import configuration independent of which your current client is
• adding a custon validator which ensures that at least one client is assigned to an import configuration

@henning-gerhardt I updated the pull request as discussed: a new special permission was added that allows assigning import configurations to clients globally. The corresponding and new third "Clients" tab in the "Import configuration edit" page is now only rendered when the user has this new permission. On this third tab all clients are displayed and offered for assignement (not just those assigned to the current user/admin). Additionally, I added a new validator that ensures at least one client is assigned when saving the import configuration.