Description of problem:
Non-admin user can have access to /hosts url.

Version-Release number of selected component (if applicable):
si27

How reproducible:
always

Steps to Reproduce:
1. Add user non-admin role(for example: UserVmManager on cluster)
2. Access /hosts url as user.
  
Actual results:
User can view /hosts url.

Expected results:
error 403, forbidden

Additional info:
bug 839569