Yup, I've read through those, but user defined roles are a bit of a different case, as it has limited relations and permissions, so they are dynamic on a different layer (dynamic setting of sets of capabilities in limited space of permissions Vs having unlimited space of permissions) Hence my question around caveats, as in principle they could allow extremely dynamic relationships and permission checks - but would obviously add evaluation logic on top.