Support regular expressions for privilege checks

[em0ney]

Would be great to be able to pass either a string or a regular expression value for the privilege argument to isAllowed.

This means that if we want to interpret read privileges over all resources, but a team resource may have multiple privilege types matching read, e.g. read, billing.read, invoices.read, one check could be employed /.read$/