I assume you are familiar with accessControl standard filter. It allows you to separate privileges to run some action from action code itself. There is however one problem with most common usage - you cannot use bizRules, at least based on some parameters passed to 'checkAccess' just because it is hard to pass them in accessRules() result.
In SQL, wildcard characters can be used in "LIKE" expressions; the percent sign (%) matches zero or more characters, and underscore (_) a single character. Sometimes users are not familiar with these or they are using different ones like (*) and (+) similar to regular expressions. My colleages do so and then i decided to add this feature by extending CbCriteria. Especially adding a new parameter $wildcard_chars to the method addSearchCondition to replace them if needed with standard SQL characters: