KB-1626 ERROR:Work item cancelled (Data Inputs) thrown from process model nodes

Symptoms

A process model throws the following alert, either when running or when a failed node is restarted.

Additionally, the following error appears in the application server logs:

23:14:38,580 INFO [stdout] (default-threads - 49) 2018-07-13 23:14:38,576 [default-threads - 49] ERROR com.appiancorp.ra.workpoller.WorkItemListener - The following exception occurred while attempting to complete work item [WORK_ITEM_DETAILS] - Exception:
23:14:38,580 INFO [stdout] (default-threads - 49) javax.resource.spi.work.WorkCompletedException: com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException: com.appiancorp.security.authz.AuthorizationException: The user [USER] does not have sufficient privileges to perform the requested action because they are not in any role. (APNX-1-4188-001)

Cause

This issue typically occurs when the impacted process is running under a deactivated user account. Due to this, a permissions check fails when trying to execute certain nodes, for example, User Input Tasks and some unattended activities. This issue has been reported to the Appian Product Team. The reference number for this issue is AN-46187.

Action

  • If the error is occurring in a sub-process, ensure that the sub-process node in the parent process is not set to run as the deactivated user. For example, if the parent process was designed by a deactivated user, set it to run as the initiator. If the parent process was initiated by a deactivated user, set the sub-process to run as the process designer.
  • If the error is occurring in an unattended activity, repeat the steps from the above on the "Assignment" tab of the failing unattended activities of the Process Model.
  • If the error is occurring in an User Input Task or another attended activity, ensure that the user is not referenced in the assignment of that node, cancel all pending activity on the model, and restart the node as an active user.

Workaround

If all of the steps in the "Action" section fail to resolve the issue, temporarily reactivate the deactivated user account and add the user to a group, then remove the user from the group before allowing the process to complete. In order to ensure the deactivated account cannot be accessed by the user who it belonged to, follow the steps below:

  1. Change the e-mail address to something other than the user's actual e-mail address.
  2. Reset the password via the Admin Console.

Affected Versions

This article applies to all versions of Appian.

Last Reviewed: August 2018

Related
Recommended