From what I have read and some online vids I've watched, I understood that record owners have full access to the records that they own. Full access meant that they could read, edit, delete and share that record.
However, to confirm this I created a record of an object and then assigned ownership of that record to a user that only had Read object level access. Then I logged in as the owner.
The owner could only see the record and not edit. When I added edit object permissions, they could then edit.
So, do object level permissions always filter out records and restrict what a user can do to that record, even if owned by the user?
Best Answer
From SF - Sharing Considerations:
While your sharing model controls visibility to records, user permissions and object-level permissions control what users can do to those records. Regardless of the sharing settings, users must have the appropriate object-level permissions. For example, if you share an account, those users can only see the account if they have the “Read” permission on accounts. Likewise, users who have the “Edit” permission on contacts may still not be able to edit contacts they do not own if they are working in a Private sharing model.
Administrators, and users with the “View All Data” or “Modify All Data” permissions, have access to view or edit all data.
Your observations are consistent with this documenation.