Sorry if this is a really basic question, but I've spent ages reading through the documentation and still can't get my head around access policies.
I'm creating a turn based card game where players can create up to 3 characters and play different games with them with a group of up to 4 other people. I'm using the Objects in the player's account to store their character information (so object 'Character1', object 'Character2', object 'Character3'). Then when they join a game, they will temporarily join a game Group as either a player or a host (if no other players have joined yet) where all group members can access stored group information about the game (updated on each turn).
I want all players to be able to read information stored on the player's character objects (so everyone can view things like their name, level, basic info). But I only want the player to be able to update that information.
The group policies I think I understand, so I'm ok with those. But how do I set the object policies? Am I right in thinking it's Players > Player ID > Policy > then add a policy for each character object to allow Read access by anyone? Does this set the same policy for all players who have those objects (which they are all assigned when they create an account)? Or is it only for the character objects of that specific player? If it's the latter, where do I set a policy for the whole game that states that any player can view information on any 'character1' object owned by any player?