Description of problem:
For a Sudo Rule, after a hostgroup or usergroup is added to its list, it still list members of the group when adding hosts or users

Version-Release number of selected component (if applicable):
ipa-server-2.1.1-1.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. Add  a host, hostgroup. Add the host as a member to this hostgroup
2. Add a Sudo rule, Edit it
3. Add the hostgroup to its list in Accessing section
4. Add a host in Accessing section

Actual results:
host which is member of the hostgroup is listed

Expected results:
host which is member of the hostgroup should not be listed, since the hostgroup is already added to the list

Additional info:
Same scenario - when adding users that already belong to a usergroup which is already added to Sudo Rule in Who section. the user is listed, but should not be.

This host adder dialog in HBAC works as expected.

The cli output is as expected as well:

 -- ADD HOSTGROUP TO SUDO RULE -- 
ipa  sudorule-add-host --hostgroups=testhostgroup qesudorule
  Rule name: qesudorule
  Enabled: TRUE
  Host Groups: testhostgroup
-------------------------
Number of members added 1
-------------------------

 -- RUN HOST-FIND --
ipa host-find --not-in-sudorule=qesudorule
---------------
1 host matched
---------------
  Host name: qe-blade-05.testrelm
  Principal name: host/qe-blade-05.testrelm@TESTRELM
  Keytab: True
  Password: False
  Managed by: qe-blade-05.testrelm
----------------------------
Number of entries returned 1
----------------------------


ipa host-find --in-sudorule=qesudorule
--------------
1 host matched
--------------
  Host name: qehost.testrelm
  Principal name: host/qehost.testrelm@TESTRELM
  Keytab: False
  Password: False
  Member of host-groups: testhostgroup
  Indirect Member of netgroup: testhostgroup
  Managed by: qehost.testrelm
----------------------------
Number of entries returned 1
----------------------------