The organization-wide default sets us a base level for access to the object. We can open the access using role hierarchies and sharing rules. Sharing rules can create automatic exceptions to the organization-wide defaults. We can create sharing rules based on the record owner and field values. We can share the records with users for the objects that are set as Private and Public Read Only using sharing rules. Sharing rules can only expand the sharing of the records, if the records are marked as Private or Public Read Only. If the user can see the records with organization-wide defaults, we can restrict them using sharing rules.
Let's set up the sharing rules:
Go to Username | Setup | Administrative Setup | Security Control | Sharing Settings.
Below the organization-wide defaults, there are multiple sections of objects, as shown in the following screenshot:
We can set the sharing rules based on the criteria of the users, as shown in the following screenshot: