Currently the tagging implementation in Nexus Repo 3 is largely incompatible with partitioning of repositories by permissions. The reason for this is that tagging requires just two privileges:
It's not that common to restrict what a developer can view, but it is quite common to restrict what they can read and write. So for most users of tagging there is currently no way to limit which components a user is allowed to tag. Restrictions are important when you consider that tags are often used in staging. Tags which are on the wrong components can cause the wrong components to be moved during a staging operation.
There needs to be a way to restrict what a user can tag in a Nexus repository that is not based on browse privileges. One possibility would be to require write privileges on a component before tagging will work.
Also note that there is currently a bug which makes it so that even for users that are willing to restrict browse privileges partitioning still won't work: NEXUS-18898