I had an interesting service catalog enhancement request come up the other day and I was hoping the larger community could help me validate it. The basic use case is as follows -

Currently on Service Catalog, every active catalog item is available to all users of the platform unless specific user criteria has been applied on the item to restrict its availability. Before user criteria, entitlement scripts allowed admins to restrict availability. The enhancement request is focused around the default availability of the catalog item. The request asks us to deny access by default, which means that when a catalog item is created or published to the Service Catalog, it wouldn't be immediately available for users. Specific user criteria would need to be applied on the item to make it available.

My opinion, based on my experience in the field, is that this is not the right approach. I would assume that more catalog items are generally available for all users of the platform than ones with restricted availability. Hence, it would be easier to restrict individual items as needed than making items available on a need by need basis.

Looking forward to hearing what you folks think about this!! If you would respond by voting in the following manner, that would help me build consensus around the topic -

1. Vote 1 - If you believe the current behavior is sound. Allow by default, Deny by choice
2. Vote 2 - If you believe the behavior needs to change. Deny by default, Allow by choice