diff --git a/awx/main/models/mixins.py b/awx/main/models/mixins.py
index a4af969434..a54f49dfd6 100644
--- a/awx/main/models/mixins.py
+++ b/awx/main/models/mixins.py
@@ -48,7 +48,7 @@ class ResourceMixin(models.Model):
 roles = roles.filter(ancestors__in=accessor_roles)
 kwargs = {'id__in':roles.values_list('object_id', flat=True)}
- return cls.objects.filter(**kwargs)
+ return cls.objects.filter(**kwargs).distinct()
 if type(accessor) == User:
 kwargs = {}
@@ -66,7 +66,7 @@ class ResourceMixin(models.Model):
 kwargs[role_name + '__ancestors__in'] = roles
 qs = cls.objects.filter(**kwargs)
- return qs
+ return qs.distinct()
 def get_permissions(self, accessor):
diff --git a/awx/main/models/rbac.py b/awx/main/models/rbac.py
index 75564c345c..0f07e02478 100644
--- a/awx/main/models/rbac.py
+++ b/awx/main/models/rbac.py
@@ -94,6 +94,11 @@ class Role(CommonModelNameNotUnique):
 return reverse('api:role_detail', args=(self.pk,))
 def __contains__(self, user):
+ if user.__class__.__name__ == 'Team':
+ team_type = ContentType.objects.get_for_model(user)
+ roles = Role.objects.filter(content_type__pk=team_type.id,
+ object_id=user.id)
+ return self.ancestors.filter(pk__in=roles).exists()
 return self.ancestors.filter(members=user).exists()
 def rebuild_role_ancestor_list(self):
diff --git a/awx/main/tests/functional/test_rbac_team.py b/awx/main/tests/functional/test_rbac_team.py
index 7bd60279ca..3961cb837a 100644
--- a/awx/main/tests/functional/test_rbac_team.py
+++ b/awx/main/tests/functional/test_rbac_team.py
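Review bot: In the first mixins.py hunk `.distinct()` is applied to a queryset filtered only by `id__in` over a subquery, which puts no join on the result rows and so should not yield duplicates; the DISTINCT there looks redundant and adds cost to every access-filtered listing. The second hunk (`return qs.distinct()`) is the one where the `__ancestors__in` join can return the same object once per matching role path, so it is needed there. If the first call is kept only so both branches return querysets of the same kind, say so in a comment such as `# distinct() kept for parity with the role_name branch below`, and at the second add `# the ancestors join can yield one row per matching role path`. The enclosing method starts outside both hunks.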
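Review bot: The Team branch added to `Role.__contains__` selects every Role attached to the team object (the `content_type`/`object_id` match), not only the role its members hold, so `team in role` can come back true through a team role that does not confer membership; the Team model is not visible here, so which roles that covers needs confirming. For an authorization check it is safer to narrow it to the member role, e.g. `return self.ancestors.filter(pk=user.member_role.pk).exists()` (the test in this commit already uses `team.member_role`). The `user.__class__.__name__ == 'Team'` comparison also matches any class of that name and misses subclasses; if it is there to avoid a circular import, a one-line comment should say so. The parameter name `user` no longer describes what the method accepts, which a docstring should state.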
@@ -65,9 +65,9 @@ def test_team_accessible_objects(team, user, project):
 u = user('team_member', False)
 team.member_role.children.add(project.member_role)
- assert len(Project.accessible_objects(team, {'read':True})) == 1
- assert not Project.accessible_objects(u, {'read':True})
+ assert len(Project.accessible_objects(team, 'read_role')) == 1
+ assert not Project.accessible_objects(u, 'read_role')
 team.member_role.members.add(u)
- assert len(Project.accessible_objects(u, {'read':True})) == 1
+ assert len(Project.accessible_objects(u, 'read_role')) == 1
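Review bot: The updated assertions still cover only a single grant path, so neither the `.distinct()` calls added in mixins.py nor the Team branch added to `Role.__contains__` is exercised by this test. Add a case where the user reaches the project through two roles and assert the count stays 1, and assert membership directly after the `children.add` line, e.g. `assert team in project.member_role`. A negative check with a second team that was granted nothing would pin the deny side of the new branch as well.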