diff --git a/app/controllers/submissions_controller.rb b/app/controllers/submissions_controller.rb
index 96c7c43a..45a6ad24 100644
--- a/app/controllers/submissions_controller.rb
+++ b/app/controllers/submissions_controller.rb
@@ -83,6 +83,8 @@ class SubmissionsController < ApplicationController
 
     notice =
       if params[:permanently].in?(['true', true])
+        WebhookUrls.enqueue_events(@submission, 'submission.archived')
+
         @submission.destroy!
 
         I18n.t('submission_has_been_removed')
diff --git a/app/controllers/submissions_download_controller.rb b/app/controllers/submissions_download_controller.rb
index 4bcd3237..6d036979 100644
--- a/app/controllers/submissions_download_controller.rb
+++ b/app/controllers/submissions_download_controller.rb
@@ -8,6 +8,8 @@ class SubmissionsDownloadController < ApplicationController
   FILES_TTL = 5.minutes
 
   def index
+    response.headers['Cache-Control'] = 'no-store'
+
     @submitter = Submitter.find_signed(params[:sig], purpose: :download_completed) if params[:sig].present?
 
     signature_valid =
diff --git a/app/controllers/submitter_edit_values_controller.rb b/app/controllers/submitter_edit_values_controller.rb
index d025befc..d93dfabf 100644
--- a/app/controllers/submitter_edit_values_controller.rb
+++ b/app/controllers/submitter_edit_values_controller.rb
@@ -17,7 +17,7 @@ class SubmitterEditValuesController < ApplicationController
                                 .reject { |f| NON_EDITABLE_TYPES.include?(f['type']) }
     editable_uuids = editable_fields.map { |f| f['uuid'] }
 
-    submitted_values = params[:values].to_h.slice(*editable_uuids)
+    submitted_values = params[:values].to_unsafe_h.slice(*editable_uuids)
 
     ActiveRecord::Base.transaction do
       @submitter.update!(values: @submitter.values.merge(submitted_values))
diff --git a/app/controllers/submitters_reopen_controller.rb b/app/controllers/submitters_reopen_controller.rb
index e7b0edf5..b1cad4ca 100644
--- a/app/controllers/submitters_reopen_controller.rb
+++ b/app/controllers/submitters_reopen_controller.rb
@@ -11,6 +11,15 @@ class SubmittersReopenController < ApplicationController
 
       @submitter.documents.each(&:purge)
 
+      # Clear stale LockEvents so EnsureResultGenerated regenerates on next completion
+      LockEvent.where(key: "result_attachments:#{@submitter.id}").delete_all
+      LockEvent.where(key: "combined_document:#{@submitter.id}").delete_all
+      LockEvent.where(key: "audit_trail:#{@submitter.submission_id}").delete_all
+
+      # Purge stale combined document and audit trail
+      @submitter.submission.combined_document.purge if @submitter.submission.combined_document.attached?
+      @submitter.submission.audit_trail.purge if @submitter.submission.audit_trail.attached?
+
       SubmissionEvent.create!(
         submitter: @submitter,
         event_type: :admin_reopen_form,
diff --git a/lib/submissions/ensure_result_generated.rb b/lib/submissions/ensure_result_generated.rb
index c59f6c73..4b6d4ed2 100644
--- a/lib/submissions/ensure_result_generated.rb
+++ b/lib/submissions/ensure_result_generated.rb
@@ -19,7 +19,18 @@ module Submissions
       total_wait_time ||= 0
       key = ['result_attachments', submitter.id].join(':')
 
-      return submitter.documents if ApplicationRecord.uncached { LockEvent.exists?(key:, event_name: :complete) }
+      if ApplicationRecord.uncached { LockEvent.exists?(key:, event_name: :complete) }
+        documents = submitter.documents
+
+        # Guard against stale lock: documents were purged after the lock was set (e.g. admin reopen).
+        # Reset the lock so we fall through to regenerate below.
+        unless documents.any?
+          LockEvent.where(key:).delete_all
+          return call(submitter)
+        end
+
+        return documents
+      end
 
       events = ApplicationRecord.uncached { LockEvent.where(key:).order(:id).to_a }