I'm trying to set item permissions so that only the person who filled out the form can read the item. When I run the workflow, I see a message, "Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))". I'm running the action within an Action Set so that it would execute with workflow owner privilege's. Any idea what I'm doing wrong?
Best answer by GarrettView original
Did you grant Full Control permission to your workflow?
Refer to Action Set documentation - https://help.nintex.com/en-US/office365/Designer/Actions/ActionSet.htm
I had not seen these steps before, but yes, I have now done this. Ran the workflow again, but no change. Same error. I was able to follow those steps for the 2 "workflow" items below, but not for the "forms" one. It says I don't have access. Not sure if that matters.
Are you the SPO Site Administrator?
Otherwise, you need to get your SPO Site Administrator to complete the steps
Can you go to Site Settings -> Manage site features
Scroll to the end. Find "Workflow can use app Permission". What does it say? It should be ACTIVE
Yes, I have the feature as active. I am also the site admin.
Re-Publish the Workflow. Then run it.
Your Action Set has elevated privileges enabled, right.
The collapsed Action Set should have a golden key icon to show that elevated privileges' are enabled.
I'm sure you have done this.
Yes, I've got that checked and I do see the golden key.
Hi @GoIllini This is one of those cases that needs deeper investigation on each component from start to end ... much like when you suffer a Internet failure - check with another device, check Wi-Fi adapter, check Wi-Fi connection, check Router, check Provider, etc.
The painful but necessary Step-by-Step process of elimination.
1. So, Create a new Nintex Workflow.
2. Add the Action Set. Place the Office 365 update item permissions and a Log to History inside the Action Set.
3. For the Office 365 update item permissions settings, remove all/most variables
3a. List Name - Remove Var, Set with a hardcoded value
3b. Items to update - Remove Var, Set to ID equals 1 (Show the ID column, make sure it exists)
3c. User or group name - Remove Var, Set with a valid User (Should not be you!!)
3d. All matched items updated - Set Var to store the operation result. (Display this Var in the Log to History)
Did this complete successfully when you run it?
No - Issue is possibly with the Connection settings
Yes - Replace back with the Variables. Use a Log to History to display the Var values before the
Office 365 update item permissions. Use another Log to History to display the operation result.
Now, Did this complete successfully when a normal User run it?
Well this is embarrassing. Under the "Filters" section for the field "Update the items when column", I was using the fields from the workflow Item Properties. All I needed to do was simply manually type in the field name "ID". Works fine now. It is laughably obvious now that I notice it. Thank you for your support @Garrett
No worries.. these things just happens. Pretty good exercise in debugging though.
Just laugh off and learn from the experience...