Thanks for sharing @n44o 
It is really great to learn more on how Unlock works, including your thoughts on upgradeability and how you use OpenZeppelin.
I first came across Unlock when I purchased the Week in Ethereum News - 3 year anniversary Edition and the NFT is part of my OpenSea collection: https://opensea.io/assets/0x79c91241eff1f119cdf743730f6e6fb2af7fb279/24
I think using NFTs for unlocking memberships, subscriptions and special privileges are a great idea e.g. social media subscriptions to unlock functionality or annual sports team membership to access content, discounts and eventually physical access to events. I would love to have NFT tickets to events that I went to.
Regards, access controls, it would be great to have your input on your requirements.
I would recommend being part of the discussion on the redesign: Redesigning Access Control for the OpenZeppelin Contracts.
As well as OpenZeppelin Test Helpers, there is also OpenZeppelin Test Environment that you may want to look at for your testing needs. Plus OpenZeppelin CLI as of CLI 2.8 release candidate supports regular deploys (as well as upgradeable and minimal contracts).