TechnologyEnhancedLearning · swapnamol-abraham · Dec 4, 2025 · Apr 9, 2025 · Dec 4, 2025 · Dec 4, 2025
diff --git a/AdminUI/LearningHub.Nhs.AdminUI/Services/UserService.cs b/AdminUI/LearningHub.Nhs.AdminUI/Services/UserService.cs
@@ -337,6 +337,7 @@ public async Task<LearningHubValidationResult> SendAdminPasswordResetEmail(int u
         public async Task<LearningHubValidationResult> ClearUserCachedPermissions(int userId)
         {
             await this.cacheService.RemoveAsync($"{userId}:AllRolesWithPermissions");
+            await this.cacheService.RemoveAsync($"{userId}:DatabricksReporter");
             await this.cacheService.RemoveAsync($"{userId}:UserHasPublishedResources");
             return new LearningHubValidationResult(true);
         }

diff --git a/OpenAPI/LearningHub.Nhs.OpenApi.Services/Services/DatabricksService.cs b/OpenAPI/LearningHub.Nhs.OpenApi.Services/Services/DatabricksService.cs
@@ -67,47 +67,57 @@ public DatabricksService(IOptions<DatabricksConfig> databricksConfig,IOptions<Le
         /// <inheritdoc/>
         public async Task<bool> IsUserReporter(int userId)
         {
+            bool isReporter = false;
             string cacheKey = $"{userId}:{CacheKey}";
-            var userReportPermission = await this.cachingService.GetAsync<bool>(cacheKey);
-            if (userReportPermission.ResponseEnum == CacheReadResponseEnum.Found)
+            try
             {
-                return userReportPermission.Item;
-            }
-
+                var userReportPermission = await this.cachingService.GetAsync<bool>(cacheKey);
+                if (userReportPermission.ResponseEnum == CacheReadResponseEnum.Found)
+                {
+                    return userReportPermission.Item;
+                }
 
-            DatabricksApiHttpClient databricksInstance = new DatabricksApiHttpClient(this.databricksConfig);
 
-            var sqlText = $"CALL {this.databricksConfig.Value.UserPermissionEndpoint}({userId});";
-            const string requestUrl = "/api/2.0/sql/statements";
+                DatabricksApiHttpClient databricksInstance = new DatabricksApiHttpClient(this.databricksConfig);
 
-            var requestPayload = new
-            {
-                warehouse_id = this.databricksConfig.Value.WarehouseId,
-                statement = sqlText,
-                wait_timeout = "30s",
-                on_wait_timeout = "CANCEL"
-            };
+                var sqlText = $"CALL {this.databricksConfig.Value.UserPermissionEndpoint}({userId});";
+                const string requestUrl = "/api/2.0/sql/statements";
 
-            var jsonBody = JsonConvert.SerializeObject(requestPayload);
-            using var content = new StringContent(jsonBody, Encoding.UTF8, "application/json");
+                var requestPayload = new
+                {
+                    warehouse_id = this.databricksConfig.Value.WarehouseId,
+                    statement = sqlText,
+                    wait_timeout = "30s",
+                    on_wait_timeout = "CANCEL"
+                };
 
-            var response = await databricksInstance.GetClient().PostAsync(requestUrl, content);
+                var jsonBody = JsonConvert.SerializeObject(requestPayload);
+                using var content = new StringContent(jsonBody, Encoding.UTF8, "application/json");
 
-            var databricksResponse = await databricksInstance.GetClient().PostAsync(requestUrl, content);
-            if (databricksResponse.StatusCode is not HttpStatusCode.OK)
-            {
-                //log failure
-                return false;
-            }
-            var responseResult = await databricksResponse.Content.ReadAsStringAsync();
+                var response = await databricksInstance.GetClient().PostAsync(requestUrl, content);
 
-            responseResult = responseResult.Trim();
-            var root = JsonDocument.Parse(responseResult).RootElement;
-            string data = root.GetProperty("result").GetProperty("data_array")[0][0].GetString();
-            bool isReporter = data == "1";
+                var databricksResponse = await databricksInstance.GetClient().PostAsync(requestUrl, content);
+                if (databricksResponse.StatusCode is not HttpStatusCode.OK)
+                {
+                    //log failure
+                    return false;
+                }
+                var responseResult = await databricksResponse.Content.ReadAsStringAsync();
+
+                responseResult = responseResult.Trim();
+                var root = JsonDocument.Parse(responseResult).RootElement;
+                string data = root.GetProperty("result").GetProperty("data_array")[0][0].GetString();
+                isReporter = data == "1";
+
+                await this.cachingService.SetAsync(cacheKey, isReporter);
+                return isReporter;
 
-            await this.cachingService.SetAsync(cacheKey, isReporter);
-            return isReporter;
+            }
+            catch
+            {
+                await this.cachingService.SetAsync(cacheKey, isReporter);
+                return isReporter;
+            }
         }
 
         /// <inheritdoc/>

diff --git a/OpenAPI/LearningHub.Nhs.OpenApi.Services/Services/NavigationPermissionService.cs b/OpenAPI/LearningHub.Nhs.OpenApi.Services/Services/NavigationPermissionService.cs
@@ -48,7 +48,7 @@ public async Task<NavigationModel> GetNavigationModelAsync(IPrincipal user, bool
             }
             else if (user.IsInRole("Administrator"))
             {
-                return AuthenticatedAdministrator(controllerName);
+                return await AuthenticatedAdministrator(controllerName, currentUserId);
             }
             else if (user.IsInRole("ReadOnly"))
             {
@@ -97,8 +97,9 @@ public NavigationModel NotAuthenticated()
         /// The AuthenticatedAdministrator.
         /// </summary>
         /// <param name="controllerName">The controller name.</param>
+        /// <param name="userId">userId.</param>
         /// <returns>The <see cref="NavigationModel"/>.</returns>
-        private NavigationModel AuthenticatedAdministrator(string controllerName)
+        private async Task<NavigationModel> AuthenticatedAdministrator(string controllerName, int userId)
         {
             return new NavigationModel()
             {
@@ -115,7 +116,7 @@ private NavigationModel AuthenticatedAdministrator(string controllerName)
                 ShowSignOut = true,
                 ShowMyAccount = true,
                 ShowBrowseCatalogues = true,
-                ShowReports = true,
+                ShowReports = await this.databricksService.IsUserReporter(userId),
             };
         }