@RequestMapping(value = "supervised/facilities", method = RequestMethod.GET)
 @PreAuthorize("@permissionEvaluator.hasPermission(principal,'MANAGE_EQUIPMENT_INVENTORY')")
 public ResponseEntity<ModelMap> getFacilities(
     @RequestParam("programId") Long programId, HttpServletRequest request) {
   ModelMap modelMap = new ModelMap();
   Long userId = loggedInUserId(request);
   List<Facility> facilities =
       facilityService.getUserSupervisedFacilities(userId, programId, MANAGE_EQUIPMENT_INVENTORY);
   modelMap.put(FACILITIES, facilities);
   return new ResponseEntity<>(modelMap, HttpStatus.OK);
 }
  @Test
  public void shouldGetRightsForAUserOnHomeFacilityAndProgram() throws Exception {
    Long userId = 1L;
    Facility facility = new Facility(2L);
    Program program = new Program(3L);
    List<Right> expected = asList(CREATE_REQUISITION);

    when(facilityService.getHomeFacility(userId)).thenReturn(facility);
    when(roleRightsRepository.getRightsForUserOnHomeFacilityAndProgram(userId, program))
        .thenReturn(expected);

    Set<Right> result =
        roleRightsService.getRightsForUserAndFacilityProgram(userId, facility, program);

    assertThat(result.containsAll(expected), is(true));
    verify(roleRightsRepository).getRightsForUserOnHomeFacilityAndProgram(userId, program);
  }