Hi community, I am lost with masking of usernames. 

We have team managers that are responsible for teams and users. My (simplified) data model is as below.
A fact table with number of actions by users. A dimension table with users and teams. With a relation between UserTeam-dimension and fact table on User(ID). Then a disconnected RLS table and a role that filters RLS table by logged in manager on userprincipalname.
If mgr1@email logs in the RLS table gets correctly filtered, for users 1, 2 and 3.

The result should be a table or chart where all data for teams and actions is shown. But usernames only exposed according to the logged in manager. Usernames of other teams should be masked.

The idea seemed to be easy. Like this - If user to be shown in result table/chart is given in filtered RLS table then show the user, if not then mask. Or as alternative, if maybe pssible by appropriate relations, show blank if user is not given in filtered RLS. Actually in my dataset I have teams and users in separate tables, combined with a relation table connected to fact table. That should make it possible to show teams, but not users. 

Have tried many ways, for example to add a calculated column with LOOKUP, CONTAINS on fact userid = RLS userid etc. But all failed. Lookup for example brings "true" for all users, even if the RLS table is filtered.

My first try was with a relation between RLS and User table. But this simply filters on users 1/2/3 and excludes users 4/5/6.

Also strange, a relation between RLS and User table apparently did work in desired way in the past in published report. But all of a sudden, after data refresh or re-publish it got lost.

Would be more than happy if someone can guide me to a solution. 
Many thanks in avance!

Gerhard