Browsing context list I find two missing contexts, which does'nt allow role system to be as flexible as it can be.
One is CONTEXT_COURSE_SECTION - sometimes we need to restrict access of particular students (or teachers, or editors) to particular sections of the course. Capabilities may be view, view hidden activities/resources, update existing activites/resources, grade activities and add new activities/resources and so on. This is very useful when sections are thematical parts of the courses and different people responsible for the materials in them.
Another missing context is CONTEXT_ACTIVITY_ELEMENT, which allow modules to handle access to the individual elements within the instances. Existing schemas for some modules (such as wiki, where you can have student, group or global wiki, or the forums) are as rigid as old permission architecture of Moodle. It will be nice to have capabilities to restrict students right to edit wiki to the particular pages in group wiki, or restrict rights to post to specifical discussion in the forum.