This sub-task is for the implementation once design/documentation is finished. Please make sure that the code which calls the /hasRight endpoint is generic and reusable by the Requisition Service.
Necessary rights are being created in the system/bootstrap data.
Rights checks are in place.
Test that the rights checks apply to save, submit and approve Requisitions. This should work at the API level, and you should also be able to test and confirm it using the UI. You will need to attempt to save, submit and approve a requisition that you actually don't have permissions to (either because of your role and home facility OR because of the status of the requisition).
Automated tests validate that security is applied properly, including checking that users are correctly prohibited from trying to create, update, approve, or delete requisitions when they don't have the right permissions to do so.