What is the difference between "add" and "edit" privileges for repositories?

The add and edit privileges in Nexus Repository 3.x are actually a bit confusing with regards to repositories (they make sense for the REST API in general though).

The "edit" privilege allows HTTP PUT requests, the "add" privilege allows "POST".

Most build client tools which interact with Nexus deploy content via PUT requests, but there are a few exceptions, such as python.

The simplest thing to do is not to worry about the above, and grant add+edit to anyone that needs to deploy artifacts, and use the repository's deployment policy to control whether components can be updated.

If you don't want to allow overwriting artifacts in a repository that should be done with the repository's deployment policy, setting it to "disable redeploy".