diff --git a/apps/server/src/api/v2/reports/[id]/GET.ts b/apps/server/src/api/v2/reports/[id]/GET.ts
index 98db04fbd..2695a87ab 100644
--- a/apps/server/src/api/v2/reports/[id]/GET.ts
+++ b/apps/server/src/api/v2/reports/[id]/GET.ts
@@ -1,4 +1,4 @@
-import { hasAssetPermission } from '@buster/access-controls';
+import { checkPermission } from '@buster/access-controls';
 import { getReport, getReportMetadata } from '@buster/database';
 import type { GetReportResponse } from '@buster/server-shared/reports';
 import { Hono } from 'hono';
@@ -23,7 +23,7 @@ export async function getReportHandler(
   }
 
   // Check access using existing asset permission system
-  const hasAccess = await hasAssetPermission({
+  const assetPermissionResult = await checkPermission({
     userId: user.id,
     assetId: reportId,
     assetType: 'report_file',
@@ -32,12 +32,16 @@ export async function getReportHandler(
     workspaceSharing: reportData.workspaceSharing,
   });
 
-  if (!hasAccess) {
+  if (!assetPermissionResult.hasAccess) {
     throw new HTTPException(403, { message: 'You do not have access to this report' });
   }
 
   // If access is granted, get the full report data
-  const report = await getReport({ reportId, userId: user.id });
+  const report = await getReport({
+    reportId,
+    userId: user.id,
+    permissionRole: assetPermissionResult.effectiveRole,
+  });
 
   const response: GetReportResponse = report;
 
diff --git a/packages/database/src/queries/reports/get-report.ts b/packages/database/src/queries/reports/get-report.ts
index 693939e1b..d1d1bffb5 100644
--- a/packages/database/src/queries/reports/get-report.ts
+++ b/packages/database/src/queries/reports/get-report.ts
@@ -2,6 +2,7 @@ import { and, eq, isNull } from 'drizzle-orm';
 import { z } from 'zod';
 import { db } from '../../connection';
 import {
+  assetPermissionRoleEnum,
   assetPermissions,
   collections,
   collectionsToAssets,
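Review bot: The role forwarded at `permissionRole: assetPermissionResult.effectiveRole` is returned verbatim by `getReport` as the response's `permission` field (packages/database hunk `@@ -144,7 +146,7 @@`), overriding the role that `getReport` itself resolves from the permission tables as `userPermission`. Nothing in `getReport` verifies that the supplied role matches what the user actually holds, so the query's contract is now "permission is whatever the caller claims"; here the value comes from `checkPermission`, but any other caller of this shared query could report a role the user does not have, and if some consumer relies on `permission` for more than UI affordances (not visible in this diff) that would be an authorization bypass rather than a display glitch. I would document that trust boundary on the schema field with a comment such as `// Trusted input: pass only the role resolved by checkPermission(), never a client-supplied value; it replaces the role looked up from assetPermissions in the returned permission field.` and keep enforcement on `assetPermissionResult.hasAccess` as the handler already does. The enclosing `getReportHandler` starts and ends outside these hunks.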
@@ -14,6 +15,7 @@ import { getOrganizationMemberCount, getUserOrganizationId } from '../organizati
 export const GetReportInputSchema = z.object({
   reportId: z.string().uuid('Report ID must be a valid UUID'),
   userId: z.string().uuid('User ID must be a valid UUID'),
+  permissionRole: z.enum(assetPermissionRoleEnum.enumValues).optional(),
 });
 
 type GetReportInput = z.infer;
@@ -21,7 +23,7 @@ type GetReportInput = z.infer;
 export async function getReport(input: GetReportInput) {
   const validated = GetReportInputSchema.parse(input);
-  const { reportId, userId } = validated;
+  const { reportId, userId, permissionRole } = validated;
 
   const userOrg = await getUserOrganizationId(userId);
 
@@ -144,7 +146,7 @@ export async function getReport(input: GetReportInput) {
     versions: versionHistoryArray,
     collections: reportCollectionsResult,
     individual_permissions: individualPermissionsResult,
-    permission: userPermission ?? 'can_view',
+    permission: permissionRole ? permissionRole : (userPermission ?? 'can_view'),
     workspace_member_count: workspaceMemberCount,
   };
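Review bot: `permission: permissionRole ? permissionRole : (userPermission ?? 'can_view')` in the `@@ -144,7 +146,7 @@` hunk spells the nullish-default idiom as a ternary; because `permissionRole` is either a member of the zod enum or `undefined`, it reads more clearly as `permission: permissionRole ?? userPermission ?? 'can_view',` (equivalent unless the enum contains an empty-string member). Separately, `permissionRole: z.enum(assetPermissionRoleEnum.enumValues).optional()` means that if the `effectiveRole` produced by `checkPermission` (its type is not visible in this diff) can ever hold a value outside that enum, `GetReportInputSchema.parse` will throw a ZodError after access has already been granted, which presumably surfaces as a 500 rather than the intended report; worth confirming the two role types are the same and adding a one-line comment on the schema field saying the value must be one of `assetPermissionRoleEnum.enumValues`. The body of `getReport` continues outside these hunks.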