Description of problem:
API query

/api/hostgroups/HOSTGROUPID/ansible_roles

does provide different output that WebUI editing the same HostGroup in some cases. Esp. when:
- an Ansible Role (AR) is *not* associated with the HG (neither with its parents),
- the AR is associated to a Host
- the Host is associated with the HG

Then API call follows https://github.com/theforeman/foreman_ansible/blob/master/app/models/concerns/foreman_ansible/hostgroup_extensions.rb#L37-L43 and adds that AR to its response.

Contrary to that, WebUI uses https://github.com/theforeman/foreman_ansible/blob/master/app/helpers/foreman_ansible/ansible_roles_helper.rb#L38-L49 method that counts with ARs associated to the HG and/or its parents - only.


Version-Release number of selected component (if applicable):
Sat 6.11+


How reproducible:
100%


Steps to Reproduce:
1. Have 2 Ansible Roles, one assigned to a HG, another to a Host
2. Assign the Host to the HostGroup
3. In WebUI, edit the HostGroup -> Ansible Roles tab
4. call /api/hostgroups/HOSTGROUPID/ansible_roles (i.e. "curl -s -u admin:password https://$(hostname -f)/api/hostgroups/1/ansible_roles")


Actual results:
3. shows just the one AG assigned to the HG
4. shows *two* AGs "assigned" to the HG: the right one and also the one assigned "just" to the Host


Expected results:
Align the results - I think API response should be corrected and should not output ARs assigned to Hosts (associated with the HG). Since those AGs are not (directly) associated with the HG.


Additional info: