The permission check of copyartifact doesn't work with workflow:

• Copyartifact performs runtime permission check only when the project name is specified with variables.
  • Variables in workflow jobs are resolved before passed to builders.
  • Even if variable expression is passed to builders, builder cannot resolve that variables (see JENKINS-26694)
• Configuration-time permission check doesn't performed as it performs only when triggered via stapler.