Well, I thought about creating a new role with predefined capability on COURSE level. So if an admin will assign this role to a user, he (user) gets this capability by default.
I was trying to use backup_controller class to make a copy of activity in one course and then restore this activity in another course.
You can pass userid in backup_controller constructor and so I found a workaround: I pass admin userid into backup_controller constructor and then I restore this backup passing actual userid into restore_controller constructor. So the initial question about role creation is not relevant now.