reallink-cli 0.1.1 → 0.1.5

package/rust/src/main.rs

@@ -3,11 +3,15 @@ use clap::{ArgAction, Args, Parser, Subcommand};
 use reqwest::{Method, StatusCode};
 use serde::{Deserialize, Serialize};
 use std::fs;
-use std::path::PathBuf;
+use std::io::{self, Write};
+use std::path::{Path, PathBuf};
 use std::time::{Duration, SystemTime, UNIX_EPOCH};
 use tokio::time::sleep;
 
 const DEFAULT_BASE_URL: &str = "https://api.real-agent.link";
+const CONFIG_DIR_ENV: &str = "REALLINK_CONFIG_DIR";
+const SESSION_DIR_NAME: &str = "reallink";
+const SESSION_FILE_NAME: &str = "session.json";
 
 #[derive(Parser)]
 #[command(name = "reallink", version, about = "Reallink CLI")]
@@ -21,10 +25,22 @@ enum Commands {
     Login(LoginArgs),
     Whoami(BaseArgs),
     Logout,
+    Project {
+        #[command(subcommand)]
+        command: ProjectCommands,
+    },
     Token {
         #[command(subcommand)]
         command: TokenCommands,
     },
+    File {
+        #[command(subcommand)]
+        command: FileCommands,
+    },
+    Tool {
+        #[command(subcommand)]
+        command: ToolCommands,
+    },
 }
 
 #[derive(Args)]
@@ -41,6 +57,8 @@ struct LoginArgs {
     client_id: String,
     #[arg(long = "scope", action = ArgAction::Append)]
     scope: Vec<String>,
+    #[arg(long)]
+    force: bool,
 }
 
 #[derive(Subcommand)]
@@ -50,6 +68,36 @@ enum TokenCommands {
     Revoke(TokenRevokeArgs),
 }
 
+#[derive(Subcommand)]
+enum ProjectCommands {
+    List(ProjectListArgs),
+    Create(ProjectCreateArgs),
+    Get(ProjectGetArgs),
+    Update(ProjectUpdateArgs),
+    Delete(ProjectDeleteArgs),
+}
+
+#[derive(Subcommand)]
+enum FileCommands {
+    List(FileListArgs),
+    Get(FileGetArgs),
+    Upload(FileUploadArgs),
+    Mkdir(FileMkdirArgs),
+    Move(FileMoveArgs),
+    Remove(FileRemoveArgs),
+}
+
+#[derive(Subcommand)]
+enum ToolCommands {
+    List(ToolListArgs),
+    Register(ToolRegisterArgs),
+    Enable(ToolEnableArgs),
+    Disable(ToolDisableArgs),
+    Run(ToolRunArgs),
+    Runs(ToolRunsArgs),
+    GetRun(ToolGetRunArgs),
+}
+
 #[derive(Args)]
 struct TokenCreateArgs {
     #[arg(long)]
@@ -74,6 +122,212 @@ struct TokenRevokeArgs {
     base_url: Option<String>,
 }
 
+#[derive(Args)]
+struct FileListArgs {
+    #[arg(long)]
+    project_id: String,
+    #[arg(long)]
+    path: Option<String>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct FileGetArgs {
+    #[arg(long)]
+    asset_id: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct FileUploadArgs {
+    #[arg(long)]
+    project_id: String,
+    #[arg(long)]
+    source: PathBuf,
+    #[arg(long)]
+    path: Option<String>,
+    #[arg(long, default_value = "other")]
+    asset_type: String,
+    #[arg(long, default_value = "private")]
+    visibility: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct FileMkdirArgs {
+    #[arg(long)]
+    project_id: String,
+    #[arg(long)]
+    path: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct FileMoveArgs {
+    #[arg(long)]
+    asset_id: String,
+    #[arg(long)]
+    file_name: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct FileRemoveArgs {
+    #[arg(long)]
+    asset_id: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolListArgs {
+    #[arg(long)]
+    include_inactive: bool,
+    #[arg(long)]
+    include_disabled_channel: bool,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolRegisterArgs {
+    #[arg(long, help = "Path to a JSON/JSONC tool manifest")]
+    manifest: PathBuf,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolEnableArgs {
+    #[arg(long)]
+    tool_id: String,
+    #[arg(long)]
+    org_id: Option<String>,
+    #[arg(long)]
+    project_id: Option<String>,
+    #[arg(long)]
+    user_id: Option<String>,
+    #[arg(long)]
+    expires_at: Option<String>,
+    #[arg(long, help = "Path to JSON/JSONC metadata file")]
+    metadata_file: Option<PathBuf>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolDisableArgs {
+    #[arg(long)]
+    tool_id: String,
+    #[arg(long)]
+    org_id: Option<String>,
+    #[arg(long)]
+    project_id: Option<String>,
+    #[arg(long)]
+    user_id: Option<String>,
+    #[arg(long, help = "Path to JSON/JSONC metadata file")]
+    metadata_file: Option<PathBuf>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolRunArgs {
+    #[arg(long)]
+    tool_id: String,
+    #[arg(long)]
+    org_id: Option<String>,
+    #[arg(long)]
+    project_id: Option<String>,
+    #[arg(long, help = "Inline JSON object for tool input")]
+    input_json: Option<String>,
+    #[arg(long, help = "Path to JSON/JSONC file for tool input")]
+    input_file: Option<PathBuf>,
+    #[arg(long, help = "Path to JSON/JSONC metadata file")]
+    metadata_file: Option<PathBuf>,
+    #[arg(long, help = "Idempotency key for deduplicating retries")]
+    idempotency_key: Option<String>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolRunsArgs {
+    #[arg(long)]
+    tool_id: Option<String>,
+    #[arg(long)]
+    project_id: Option<String>,
+    #[arg(long)]
+    requested_by_user_id: Option<String>,
+    #[arg(long)]
+    status: Option<String>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ToolGetRunArgs {
+    #[arg(long)]
+    run_id: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ProjectListArgs {
+    #[arg(long)]
+    org_id: Option<String>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ProjectCreateArgs {
+    #[arg(long)]
+    org_id: String,
+    #[arg(long)]
+    name: String,
+    #[arg(long)]
+    description: Option<String>,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ProjectGetArgs {
+    #[arg(long)]
+    project_id: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ProjectUpdateArgs {
+    #[arg(long)]
+    project_id: String,
+    #[arg(long)]
+    name: Option<String>,
+    #[arg(long)]
+    description: Option<String>,
+    #[arg(long)]
+    clear_description: bool,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
+#[derive(Args)]
+struct ProjectDeleteArgs {
+    #[arg(long)]
+    project_id: String,
+    #[arg(long)]
+    base_url: Option<String>,
+}
+
 #[derive(Debug, Serialize, Deserialize, Clone)]
 struct SessionConfig {
     base_url: String,
@@ -185,8 +439,153 @@ struct CreateApiTokenResponse {
     expires_at: Option<String>,
 }
 
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct ProjectRecord {
+    id: String,
+    #[serde(alias = "orgId")]
+    org_id: String,
+    name: String,
+    description: Option<String>,
+    #[serde(alias = "createdAt")]
+    created_at: String,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+struct ListProjectsResponse {
+    projects: Vec<ProjectRecord>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct ProjectResponse {
+    project: ProjectRecord,
+    #[serde(alias = "accessLevel")]
+    access_level: Option<String>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct AssetRecord {
+    id: String,
+    project_id: String,
+    file_name: String,
+    content_type: String,
+    size_bytes: i64,
+    asset_type: String,
+    visibility: String,
+    status: String,
+    object_key: String,
+    etag: Option<String>,
+    created_at: String,
+    updated_at: String,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+struct ListAssetsResponse {
+    assets: Vec<AssetRecord>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+struct AssetResponse {
+    asset: AssetRecord,
+}
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "camelCase")]
+struct UploadIntentRequest {
+    project_id: String,
+    file_name: String,
+    content_type: String,
+    size_bytes: i64,
+    asset_type: String,
+    visibility: String,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(rename_all = "camelCase")]
+struct UploadIntentResponse {
+    asset_id: String,
+    #[serde(default = "default_upload_strategy")]
+    strategy: String,
+    upload_url: Option<String>,
+    method: Option<String>,
+    required_headers: Option<std::collections::HashMap<String, String>>,
+    session_id: Option<String>,
+    part_size_bytes: Option<i64>,
+    part_count: Option<i64>,
+    parts: Option<Vec<UploadPartIntent>>,
+}
+
+fn default_upload_strategy() -> String {
+    "single".to_string()
+}
+
+#[derive(Debug, Serialize, Deserialize, Clone)]
+#[serde(rename_all = "camelCase")]
+struct UploadPartIntent {
+    part_number: i64,
+    upload_url: String,
+    method: String,
+    required_headers: std::collections::HashMap<String, String>,
+}
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "camelCase")]
+struct UploadCompletedPart {
+    part_number: i64,
+    etag: String,
+    size_bytes: i64,
+}
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "camelCase")]
+struct UploadCompleteRequest {
+    asset_id: String,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    session_id: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    etag: Option<String>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    size_bytes: Option<i64>,
+    #[serde(skip_serializing_if = "Option::is_none")]
+    completed_parts: Option<Vec<UploadCompletedPart>>,
+}
+
 fn normalize_base_url(input: &str) -> String {
-    input.trim().trim_end_matches('/').to_string()
+    let trimmed = input.trim().trim_end_matches('/');
+    match reqwest::Url::parse(trimmed) {
+        Ok(url) => {
+            let Some(host) = url.host_str() else {
+                return trimmed.to_string();
+            };
+            let mut normalized = format!("{}://{}", url.scheme(), host);
+            if let Some(port) = url.port() {
+                normalized.push_str(&format!(":{}", port));
+            }
+            normalized
+        }
+        Err(_) => trimmed.to_string(),
+    }
+}
+
+fn parse_jsonc_str(raw: &str, context: &str) -> Result<serde_json::Value> {
+    let value: serde_json::Value =
+        json5::from_str(raw).with_context(|| format!("Failed to parse {}", context))?;
+    Ok(value)
+}
+
+fn load_jsonc_file(path: &Path, label: &str) -> Result<serde_json::Value> {
+    let raw = fs::read_to_string(path)
+        .with_context(|| format!("Failed to read {} file {}", label, path.display()))?;
+    parse_jsonc_str(&raw, &format!("{} file {}", label, path.display()))
+}
+
+fn parse_object_from_value(value: serde_json::Value, context: &str) -> Result<serde_json::Map<String, serde_json::Value>> {
+    match value {
+        serde_json::Value::Object(map) => Ok(map),
+        _ => Err(anyhow!("{} must be a JSON object", context)),
+    }
 }
 
 fn now_epoch_ms() -> u128 {
@@ -196,9 +595,43 @@ fn now_epoch_ms() -> u128 {
         .as_millis()
 }
 
+fn resolve_config_root() -> Result<PathBuf> {
+    if let Ok(custom_root) = std::env::var(CONFIG_DIR_ENV) {
+        let trimmed = custom_root.trim();
+        if !trimmed.is_empty() {
+            return Ok(PathBuf::from(trimmed));
+        }
+    }
+
+    dirs::config_dir().ok_or_else(|| anyhow!("Could not resolve config directory"))
+}
+
 fn config_path() -> Result<PathBuf> {
-    let base = dirs::config_dir().ok_or_else(|| anyhow!("Could not resolve config directory"))?;
-    Ok(base.join("reallink").join("session.json"))
+    let base = resolve_config_root()?;
+    Ok(base.join(SESSION_DIR_NAME).join(SESSION_FILE_NAME))
+}
+
+fn session_path_display() -> String {
+    config_path()
+        .map(|path| path.display().to_string())
+        .unwrap_or_else(|_| format!("<{}>/{}", SESSION_DIR_NAME, SESSION_FILE_NAME))
+}
+
+fn write_atomic(path: &Path, payload: &[u8]) -> Result<()> {
+    let temp_path = path.with_extension(format!("tmp.{}", now_epoch_ms()));
+    fs::write(&temp_path, payload)
+        .with_context(|| format!("Failed to write temporary file {}", temp_path.display()))?;
+    if path.exists() {
+        fs::remove_file(path).with_context(|| format!("Failed to replace {}", path.display()))?;
+    }
+    fs::rename(&temp_path, path).with_context(|| {
+        format!(
+            "Failed to move temporary file {} to {}",
+            temp_path.display(),
+            path.display()
+        )
+    })?;
+    Ok(())
 }
 
 fn save_session(session: &SessionConfig) -> Result<()> {
@@ -207,7 +640,7 @@ fn save_session(session: &SessionConfig) -> Result<()> {
         fs::create_dir_all(parent).with_context(|| format!("Failed to create {}", parent.display()))?;
     }
     let payload = serde_json::to_vec_pretty(session)?;
-    fs::write(&path, payload).with_context(|| format!("Failed to write {}", path.display()))?;
+    write_atomic(&path, &payload)?;
     Ok(())
 }
 
@@ -224,12 +657,13 @@ fn load_session() -> Result<SessionConfig> {
     Ok(session)
 }
 
-fn clear_session() -> Result<()> {
+fn clear_session() -> Result<bool> {
     let path = config_path()?;
     if path.exists() {
         fs::remove_file(&path).with_context(|| format!("Failed to remove {}", path.display()))?;
+        return Ok(true);
     }
-    Ok(())
+    Ok(false)
 }
 
 async fn read_error_body(response: reqwest::Response) -> String {
@@ -239,6 +673,33 @@ async fn read_error_body(response: reqwest::Response) -> String {
     }
 }
 
+fn clean_virtual_path(value: &str) -> String {
+    value
+        .split('/')
+        .map(|segment| segment.trim())
+        .filter(|segment| !segment.is_empty() && *segment != "." && *segment != "..")
+        .collect::<Vec<_>>()
+        .join("/")
+}
+
+fn apply_base_url_override(session: &mut SessionConfig, base_url: Option<String>) {
+    if let Some(base_url) = base_url {
+        session.base_url = normalize_base_url(&base_url);
+    }
+}
+
+fn join_remote_path(prefix: Option<&str>, file_name: &str) -> String {
+    let file_clean = clean_virtual_path(file_name);
+    let prefix_clean = prefix.map(clean_virtual_path).unwrap_or_default();
+    if prefix_clean.is_empty() {
+        return file_clean;
+    }
+    if file_clean.is_empty() {
+        return prefix_clean;
+    }
+    format!("{}/{}", prefix_clean, file_clean)
+}
+
 async fn authed_request(
     client: &reqwest::Client,
     session: &mut SessionConfig,
@@ -289,8 +750,41 @@ async fn refresh_session(client: &reqwest::Client, session: &mut SessionConfig)
     Ok(())
 }
 
+async fn existing_session_identity_for_base_url(
+    client: &reqwest::Client,
+    base_url: &str,
+) -> Option<String> {
+    let mut session = load_session().ok()?;
+    if normalize_base_url(&session.base_url) != base_url {
+        return None;
+    }
+
+    let response = authed_request(client, &mut session, Method::GET, "/auth/me", None)
+        .await
+        .ok()?;
+    if !response.status().is_success() {
+        return None;
+    }
+
+    let payload: serde_json::Value = response.json().await.ok()?;
+    let _ = save_session(&session);
+    payload
+        .get("user")
+        .and_then(|user| user.get("email"))
+        .and_then(|value| value.as_str())
+        .map(|email| email.to_string())
+}
+
 async fn login_command(client: &reqwest::Client, args: LoginArgs) -> Result<()> {
     let base_url = normalize_base_url(&args.base_url);
+    if !args.force {
+        if let Some(email) = existing_session_identity_for_base_url(client, &base_url).await {
+            println!("Already logged in as {} on {}.", email, base_url);
+            println!("Use `reallink logout` to sign out or `reallink login --force` to replace this session.");
+            return Ok(());
+        }
+    }
+
     let scope = if args.scope.is_empty() {
         vec![
             "core:read".to_string(),
@@ -331,9 +825,14 @@ async fn login_command(client: &reqwest::Client, args: LoginArgs) -> Result<()>
 
     let expires_at = std::time::Instant::now() + Duration::from_secs(device_code.expires_in);
     let mut poll_interval = Duration::from_secs(device_code.interval.max(1));
+    let mut pending_polls = 0u32;
+    println!("Waiting for approval (press Ctrl+C to cancel)");
 
     loop {
         if std::time::Instant::now() >= expires_at {
+            if pending_polls > 0 {
+                println!();
+            }
             return Err(anyhow!("Device code expired before approval"));
         }
 
@@ -351,6 +850,9 @@ async fn login_command(client: &reqwest::Client, args: LoginArgs) -> Result<()>
 
         if token_response.status().is_success() {
             let tokens: DeviceTokenSuccess = token_response.json().await?;
+            if pending_polls > 0 {
+                println!();
+            }
             let session = SessionConfig {
                 base_url: base_url.clone(),
                 access_token: tokens.access_token,
@@ -360,6 +862,7 @@ async fn login_command(client: &reqwest::Client, args: LoginArgs) -> Result<()>
             };
             save_session(&session)?;
             println!("Login successful.");
+            println!("Session stored at {}", session_path_display());
             return Ok(());
         }
 
@@ -372,12 +875,23 @@ async fn login_command(client: &reqwest::Client, args: LoginArgs) -> Result<()>
             });
 
         match error_payload.error.as_str() {
-            "authorization_pending" => continue,
+            "authorization_pending" => {
+                pending_polls = pending_polls.saturating_add(1);
+                print!(".");
+                let _ = io::stdout().flush();
+                continue;
+            }
             "slow_down" => {
                 poll_interval += Duration::from_secs(1);
+                pending_polls = pending_polls.saturating_add(1);
+                print!("+");
+                let _ = io::stdout().flush();
                 continue;
             }
             _ => {
+                if pending_polls > 0 {
+                    println!();
+                }
                 return Err(anyhow!(
                     "Device login failed: {} ({})",
                     error_payload.error,
@@ -388,11 +902,56 @@ async fn login_command(client: &reqwest::Client, args: LoginArgs) -> Result<()>
     }
 }
 
+async fn logout_command(client: &reqwest::Client) -> Result<()> {
+    let path_display = session_path_display();
+    let mut session = match load_session() {
+        Ok(session) => session,
+        Err(_) => {
+            println!("No local session found at {}.", path_display);
+            println!("You are already logged out.");
+            return Ok(());
+        }
+    };
+
+    let mut remote_revoked = false;
+    let mut remote_unavailable = false;
+    match authed_request(client, &mut session, Method::POST, "/auth/logout", None).await {
+        Ok(response) if response.status().is_success() => {
+            remote_revoked = true;
+        }
+        Ok(response) if response.status() == StatusCode::NOT_FOUND => {
+            remote_unavailable = true;
+        }
+        Ok(response) => {
+            let body = read_error_body(response).await;
+            eprintln!("Warning: remote logout request failed: {}", body);
+        }
+        Err(error) => {
+            eprintln!("Warning: remote logout request failed: {}", error);
+        }
+    }
+
+    let removed = clear_session()?;
+    if !removed {
+        println!("Local session was already cleared.");
+        return Ok(());
+    }
+
+    if remote_revoked {
+        println!("Logged out. Server session revoked and local session removed from {}.", path_display);
+    } else if remote_unavailable {
+        println!("Logged out locally. Removed session from {}.", path_display);
+        println!("Server logout endpoint is not available on this API deployment yet.");
+    } else {
+        println!("Logged out locally. Removed session from {}.", path_display);
+    }
+
+    Ok(())
+}
+
 async fn whoami_command(client: &reqwest::Client, args: BaseArgs) -> Result<()> {
     let mut session = load_session()?;
-    if let Some(base_url) = args.base_url {
-        session.base_url = normalize_base_url(&base_url);
-    }
+    apply_base_url_override(&mut session, args.base_url);
 
     let response = authed_request(client, &mut session, Method::GET, "/auth/me", None).await?;
     if !response.status().is_success() {
@@ -407,9 +966,7 @@ async fn whoami_command(client: &reqwest::Client, args: BaseArgs) -> Result<()>
 
 async fn token_list_command(client: &reqwest::Client, args: BaseArgs) -> Result<()> {
     let mut session = load_session()?;
-    if let Some(base_url) = args.base_url {
-        session.base_url = normalize_base_url(&base_url);
-    }
+    apply_base_url_override(&mut session, args.base_url);
 
     let response = authed_request(client, &mut session, Method::GET, "/auth/tokens", None).await?;
     if !response.status().is_success() {
@@ -424,9 +981,7 @@ async fn token_list_command(client: &reqwest::Client, args: BaseArgs) -> Result<
 
 async fn token_create_command(client: &reqwest::Client, args: TokenCreateArgs) -> Result<()> {
     let mut session = load_session()?;
-    if let Some(base_url) = args.base_url {
-        session.base_url = normalize_base_url(&base_url);
-    }
+    apply_base_url_override(&mut session, args.base_url);
 
     let scopes = if args.scope.is_empty() {
         return Err(anyhow!("At least one --scope must be provided"));
@@ -455,9 +1010,7 @@ async fn token_create_command(client: &reqwest::Client, args: TokenCreateArgs) -
 
 async fn token_revoke_command(client: &reqwest::Client, args: TokenRevokeArgs) -> Result<()> {
     let mut session = load_session()?;
-    if let Some(base_url) = args.base_url {
-        session.base_url = normalize_base_url(&base_url);
-    }
+    apply_base_url_override(&mut session, args.base_url);
 
     let path = format!("/auth/tokens/{}", args.token_id);
     let response = authed_request(client, &mut session, Method::DELETE, &path, None).await?;
@@ -471,25 +1024,741 @@ async fn token_revoke_command(client: &reqwest::Client, args: TokenRevokeArgs) -
     Ok(())
 }
 
+async fn project_list_command(client: &reqwest::Client, args: ProjectListArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = match args.org_id {
+        Some(org_id) if !org_id.trim().is_empty() => format!("/core/projects?orgId={}", org_id.trim()),
+        _ => "/core/projects".to_string(),
+    };
+
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("project list failed: {}", body));
+    }
+    let payload: ListProjectsResponse = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload.projects)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn project_create_command(client: &reqwest::Client, args: ProjectCreateArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let response = authed_request(
+        client,
+        &mut session,
+        Method::POST,
+        "/core/projects",
+        Some(serde_json::json!({
+            "orgId": args.org_id,
+            "name": args.name,
+            "description": args.description
+        })),
+    )
+    .await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("project create failed: {}", body));
+    }
+    let payload: ProjectResponse = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload.project)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn project_get_command(client: &reqwest::Client, args: ProjectGetArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!("/core/projects/{}", args.project_id);
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("project get failed: {}", body));
+    }
+    let payload: ProjectResponse = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload.project)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn project_update_command(client: &reqwest::Client, args: ProjectUpdateArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let mut body = serde_json::Map::new();
+    if let Some(name) = args.name {
+        body.insert("name".to_string(), serde_json::Value::String(name));
+    }
+    if args.clear_description {
+        body.insert("description".to_string(), serde_json::Value::Null);
+    } else if let Some(description) = args.description {
+        body.insert(
+            "description".to_string(),
+            serde_json::Value::String(description),
+        );
+    }
+
+    if body.is_empty() {
+        return Err(anyhow!(
+            "project update requires at least one field (--name, --description, or --clear-description)"
+        ));
+    }
+
+    let path = format!("/core/projects/{}", args.project_id);
+    let response = authed_request(
+        client,
+        &mut session,
+        Method::PATCH,
+        &path,
+        Some(serde_json::Value::Object(body)),
+    )
+    .await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("project update failed: {}", body));
+    }
+    let payload: ProjectResponse = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload.project)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn project_delete_command(client: &reqwest::Client, args: ProjectDeleteArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!("/core/projects/{}", args.project_id);
+    let response = authed_request(client, &mut session, Method::DELETE, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("project delete failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn upload_asset_via_intent(
+    client: &reqwest::Client,
+    session: &mut SessionConfig,
+    project_id: &str,
+    remote_file_name: &str,
+    bytes: Vec<u8>,
+    content_type: &str,
+    asset_type: &str,
+    visibility: &str,
+) -> Result<AssetRecord> {
+    let size_bytes = bytes.len() as i64;
+    let intent_body = serde_json::to_value(UploadIntentRequest {
+        project_id: project_id.to_string(),
+        file_name: remote_file_name.to_string(),
+        content_type: content_type.to_string(),
+        size_bytes,
+        asset_type: asset_type.to_string(),
+        visibility: visibility.to_string(),
+    })?;
+
+    let intent_response = authed_request(
+        client,
+        session,
+        Method::POST,
+        "/assets/upload-intent",
+        Some(intent_body),
+    )
+    .await?;
+    if !intent_response.status().is_success() {
+        let body = read_error_body(intent_response).await;
+        return Err(anyhow!("upload-intent failed: {}", body));
+    }
+    let intent: UploadIntentResponse = intent_response.json().await?;
+    let strategy = intent.strategy.trim().to_ascii_lowercase();
+    let complete_payload = if strategy == "multipart" {
+        let part_size = intent
+            .part_size_bytes
+            .and_then(|value| if value > 0 { Some(value as usize) } else { None })
+            .ok_or_else(|| anyhow!("multipart upload intent is missing partSizeBytes"))?;
+        let part_count = intent
+            .part_count
+            .and_then(|value| if value > 0 { Some(value as usize) } else { None })
+            .ok_or_else(|| anyhow!("multipart upload intent is missing partCount"))?;
+        let session_id = intent
+            .session_id
+            .clone()
+            .ok_or_else(|| anyhow!("multipart upload intent is missing sessionId"))?;
+        let mut parts = intent.parts.clone().unwrap_or_default();
+        if parts.is_empty() {
+            return Err(anyhow!("multipart upload intent is missing parts"));
+        }
+        parts.sort_by_key(|part| part.part_number);
+        if parts.len() != part_count {
+            return Err(anyhow!(
+                "multipart upload intent has mismatched part count (expected {}, got {})",
+                part_count,
+                parts.len()
+            ));
+        }
+
+        let mut completed_parts = Vec::with_capacity(parts.len());
+        for part in parts {
+            let part_number = part.part_number;
+            if part_number <= 0 {
+                return Err(anyhow!("multipart part has invalid part number"));
+            }
+            let offset = (part_number as usize - 1) * part_size;
+            let end = std::cmp::min(offset + part_size, bytes.len());
+            if offset >= end {
+                return Err(anyhow!("multipart part range is invalid"));
+            }
+            let chunk = bytes[offset..end].to_vec();
+
+            let upload_method = Method::from_bytes(part.method.as_bytes()).unwrap_or(Method::PUT);
+            let etag = format!("etag_{}_{}", now_epoch_ms(), part_number);
+            let mut upload_request = client.request(upload_method, &part.upload_url);
+            for (key, value) in part.required_headers.iter() {
+                upload_request = upload_request.header(key, value);
+            }
+            upload_request = upload_request.header("x-mock-etag", &etag).body(chunk);
+            let upload_response = upload_request.send().await?;
+            if !upload_response.status().is_success() {
+                let body = read_error_body(upload_response).await;
+                return Err(anyhow!(
+                    "multipart upload failed on part {}: {}",
+                    part_number,
+                    body
+                ));
+            }
+
+            completed_parts.push(UploadCompletedPart {
+                part_number,
+                etag,
+                size_bytes: (end - offset) as i64,
+            });
+        }
+
+        serde_json::to_value(UploadCompleteRequest {
+            asset_id: intent.asset_id,
+            session_id: Some(session_id),
+            etag: None,
+            size_bytes: Some(size_bytes),
+            completed_parts: Some(completed_parts),
+        })?
+    } else {
+        let upload_url = intent
+            .upload_url
+            .clone()
+            .ok_or_else(|| anyhow!("single upload intent is missing uploadUrl"))?;
+        let method = intent.method.clone().unwrap_or_else(|| "PUT".to_string());
+        let required_headers = intent.required_headers.clone().unwrap_or_default();
+
+        let upload_method = Method::from_bytes(method.as_bytes()).unwrap_or(Method::PUT);
+        let etag = format!("etag_{}", now_epoch_ms());
+        let mut upload_request = client.request(upload_method, &upload_url);
+        for (key, value) in required_headers.iter() {
+            upload_request = upload_request.header(key, value);
+        }
+        upload_request = upload_request.header("x-mock-etag", &etag).body(bytes);
+        let upload_response = upload_request.send().await?;
+        if !upload_response.status().is_success() {
+            let body = read_error_body(upload_response).await;
+            return Err(anyhow!("upload PUT failed: {}", body));
+        }
+
+        serde_json::to_value(UploadCompleteRequest {
+            asset_id: intent.asset_id,
+            session_id: intent.session_id.clone(),
+            etag: Some(etag),
+            size_bytes: Some(size_bytes),
+            completed_parts: None,
+        })?
+    };
+
+    let complete_response = authed_request(
+        client,
+        session,
+        Method::POST,
+        "/assets/upload-complete",
+        Some(complete_payload),
+    )
+    .await?;
+    if !complete_response.status().is_success() {
+        let body = read_error_body(complete_response).await;
+        return Err(anyhow!("upload-complete failed: {}", body));
+    }
+    let payload: AssetResponse = complete_response.json().await?;
+    Ok(payload.asset)
+}
+
+async fn file_list_command(client: &reqwest::Client, args: FileListArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!("/assets?projectId={}", args.project_id);
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("file list failed: {}", body));
+    }
+    let mut payload: ListAssetsResponse = response.json().await?;
+    if let Some(prefix) = args.path {
+        let cleaned = clean_virtual_path(&prefix);
+        if !cleaned.is_empty() {
+            let strict = format!("{}/", cleaned);
+            payload.assets = payload
+                .assets
+                .into_iter()
+                .filter(|asset| asset.file_name == cleaned || asset.file_name.starts_with(&strict))
+                .collect();
+        }
+    }
+    println!("{}", serde_json::to_string_pretty(&payload.assets)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn file_get_command(client: &reqwest::Client, args: FileGetArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!("/assets/{}", args.asset_id);
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("file get failed: {}", body));
+    }
+    let payload: AssetResponse = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload.asset)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn file_upload_command(client: &reqwest::Client, args: FileUploadArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let bytes = fs::read(&args.source)
+        .with_context(|| format!("Failed to read source file {}", args.source.display()))?;
+    let source_name = args
+        .source
+        .file_name()
+        .and_then(|name| name.to_str())
+        .ok_or_else(|| anyhow!("source file name is invalid"))?;
+    let remote_name = join_remote_path(args.path.as_deref(), source_name);
+    if remote_name.is_empty() {
+        return Err(anyhow!("resolved remote file name is empty"));
+    }
+
+    let asset = upload_asset_via_intent(
+        client,
+        &mut session,
+        &args.project_id,
+        &remote_name,
+        bytes,
+        "application/octet-stream",
+        &args.asset_type,
+        &args.visibility,
+    )
+    .await?;
+    println!("{}", serde_json::to_string_pretty(&asset)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn file_mkdir_command(client: &reqwest::Client, args: FileMkdirArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let folder = clean_virtual_path(&args.path);
+    if folder.is_empty() {
+        return Err(anyhow!("folder path is empty"));
+    }
+    let marker_file = join_remote_path(Some(&folder), ".reallink.keep");
+    let marker_bytes = format!("folder marker {}\n", now_epoch_ms()).into_bytes();
+    let asset = upload_asset_via_intent(
+        client,
+        &mut session,
+        &args.project_id,
+        &marker_file,
+        marker_bytes,
+        "text/plain",
+        "other",
+        "private",
+    )
+    .await?;
+    println!("{}", serde_json::to_string_pretty(&asset)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn file_move_command(client: &reqwest::Client, args: FileMoveArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let file_name = clean_virtual_path(&args.file_name);
+    if file_name.is_empty() {
+        return Err(anyhow!("file_name is empty"));
+    }
+    let path = format!("/assets/{}", args.asset_id);
+    let response = authed_request(
+        client,
+        &mut session,
+        Method::PATCH,
+        &path,
+        Some(serde_json::json!({
+            "fileName": file_name
+        })),
+    )
+    .await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("file move failed: {}", body));
+    }
+    let payload: AssetResponse = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload.asset)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn file_remove_command(client: &reqwest::Client, args: FileRemoveArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!("/assets/{}", args.asset_id);
+    let response = authed_request(client, &mut session, Method::DELETE, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("file remove failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!("{}", serde_json::to_string_pretty(&payload)?);
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn tool_list_command(client: &reqwest::Client, args: ToolListArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!(
+        "/tools/definitions?includeInactive={}&includeDisabledChannel={}",
+        args.include_inactive, args.include_disabled_channel
+    );
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("tool list failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!(
+        "{}",
+        serde_json::to_string_pretty(payload.get("definitions").unwrap_or(&payload))?
+    );
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn tool_register_command(client: &reqwest::Client, args: ToolRegisterArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let manifest = load_jsonc_file(&args.manifest, "tool manifest")?;
+    let body = serde_json::Value::Object(parse_object_from_value(
+        manifest,
+        "tool manifest payload",
+    )?);
+    let response =
+        authed_request(client, &mut session, Method::POST, "/tools/definitions", Some(body)).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("tool register failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!(
+        "{}",
+        serde_json::to_string_pretty(payload.get("definition").unwrap_or(&payload))?
+    );
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn tool_set_entitlement_command(
+    client: &reqwest::Client,
+    mut session: SessionConfig,
+    tool_id: String,
+    org_id: Option<String>,
+    project_id: Option<String>,
+    user_id: Option<String>,
+    status: &str,
+    expires_at: Option<String>,
+    metadata_file: Option<PathBuf>,
+) -> Result<()> {
+    let scoped_count =
+        (org_id.is_some() as u8) + (project_id.is_some() as u8) + (user_id.is_some() as u8);
+    if scoped_count > 1 {
+        return Err(anyhow!(
+            "Only one of --org-id, --project-id, or --user-id can be set"
+        ));
+    }
+
+    let mut body = serde_json::Map::new();
+    body.insert("toolId".to_string(), serde_json::Value::String(tool_id));
+    body.insert(
+        "status".to_string(),
+        serde_json::Value::String(status.to_string()),
+    );
+    if let Some(org_id) = org_id {
+        body.insert("orgId".to_string(), serde_json::Value::String(org_id));
+    }
+    if let Some(project_id) = project_id {
+        body.insert("projectId".to_string(), serde_json::Value::String(project_id));
+    }
+    if let Some(user_id) = user_id {
+        body.insert("userId".to_string(), serde_json::Value::String(user_id));
+    }
+    if let Some(expires_at) = expires_at {
+        body.insert("expiresAt".to_string(), serde_json::Value::String(expires_at));
+    }
+    if let Some(path) = metadata_file {
+        let metadata = load_jsonc_file(&path, "tool entitlement metadata")?;
+        body.insert(
+            "metadata".to_string(),
+            serde_json::Value::Object(parse_object_from_value(
+                metadata,
+                "tool entitlement metadata",
+            )?),
+        );
+    }
+
+    let response = authed_request(
+        client,
+        &mut session,
+        Method::PUT,
+        "/tools/entitlements",
+        Some(serde_json::Value::Object(body)),
+    )
+    .await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("tool entitlement update failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!(
+        "{}",
+        serde_json::to_string_pretty(payload.get("entitlement").unwrap_or(&payload))?
+    );
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn tool_enable_command(client: &reqwest::Client, args: ToolEnableArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    tool_set_entitlement_command(
+        client,
+        session,
+        args.tool_id,
+        args.org_id,
+        args.project_id,
+        args.user_id,
+        "enabled",
+        args.expires_at,
+        args.metadata_file,
+    )
+    .await
+}
+
+async fn tool_disable_command(client: &reqwest::Client, args: ToolDisableArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    tool_set_entitlement_command(
+        client,
+        session,
+        args.tool_id,
+        args.org_id,
+        args.project_id,
+        args.user_id,
+        "disabled",
+        None,
+        args.metadata_file,
+    )
+    .await
+}
+
+async fn tool_run_command(client: &reqwest::Client, args: ToolRunArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    if args.input_json.is_some() && args.input_file.is_some() {
+        return Err(anyhow!(
+            "Provide either --input-json or --input-file, not both"
+        ));
+    }
+
+    let input_value = if let Some(path) = args.input_file {
+        load_jsonc_file(&path, "tool run input")?
+    } else if let Some(input_json) = args.input_json {
+        parse_jsonc_str(&input_json, "tool run input")?
+    } else {
+        serde_json::Value::Object(serde_json::Map::new())
+    };
+
+    let input_object = serde_json::Value::Object(parse_object_from_value(
+        input_value,
+        "tool run input",
+    )?);
+
+    let mut body = serde_json::Map::new();
+    body.insert("toolId".to_string(), serde_json::Value::String(args.tool_id));
+    body.insert("input".to_string(), input_object);
+    if let Some(org_id) = args.org_id {
+        body.insert("orgId".to_string(), serde_json::Value::String(org_id));
+    }
+    if let Some(project_id) = args.project_id {
+        body.insert("projectId".to_string(), serde_json::Value::String(project_id));
+    }
+    let mut metadata_map = if let Some(path) = args.metadata_file {
+        let metadata = load_jsonc_file(&path, "tool run metadata")?;
+        parse_object_from_value(metadata, "tool run metadata")?
+    } else {
+        serde_json::Map::new()
+    };
+    if let Some(idempotency_key) = args.idempotency_key {
+        let normalized = idempotency_key.trim();
+        if !normalized.is_empty() {
+            metadata_map.insert(
+                "idempotencyKey".to_string(),
+                serde_json::Value::String(normalized.to_string()),
+            );
+        }
+    }
+    if !metadata_map.is_empty() {
+        body.insert("metadata".to_string(), serde_json::Value::Object(metadata_map));
+    }
+
+    let response = authed_request(
+        client,
+        &mut session,
+        Method::POST,
+        "/tools/runs",
+        Some(serde_json::Value::Object(body)),
+    )
+    .await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("tool run failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!(
+        "{}",
+        serde_json::to_string_pretty(payload.get("run").unwrap_or(&payload))?
+    );
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn tool_runs_command(client: &reqwest::Client, args: ToolRunsArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let mut query_parts: Vec<String> = Vec::new();
+    if let Some(tool_id) = args.tool_id {
+        query_parts.push(format!("toolId={}", tool_id));
+    }
+    if let Some(project_id) = args.project_id {
+        query_parts.push(format!("projectId={}", project_id));
+    }
+    if let Some(requested_by_user_id) = args.requested_by_user_id {
+        query_parts.push(format!("requestedByUserId={}", requested_by_user_id));
+    }
+    if let Some(status) = args.status {
+        query_parts.push(format!("status={}", status));
+    }
+
+    let path = if query_parts.is_empty() {
+        "/tools/runs".to_string()
+    } else {
+        format!("/tools/runs?{}", query_parts.join("&"))
+    };
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("tool runs failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!(
+        "{}",
+        serde_json::to_string_pretty(payload.get("runs").unwrap_or(&payload))?
+    );
+    save_session(&session)?;
+    Ok(())
+}
+
+async fn tool_get_run_command(client: &reqwest::Client, args: ToolGetRunArgs) -> Result<()> {
+    let mut session = load_session()?;
+    apply_base_url_override(&mut session, args.base_url);
+
+    let path = format!("/tools/runs/{}", args.run_id);
+    let response = authed_request(client, &mut session, Method::GET, &path, None).await?;
+    if !response.status().is_success() {
+        let body = read_error_body(response).await;
+        return Err(anyhow!("tool get-run failed: {}", body));
+    }
+    let payload: serde_json::Value = response.json().await?;
+    println!(
+        "{}",
+        serde_json::to_string_pretty(payload.get("run").unwrap_or(&payload))?
+    );
+    save_session(&session)?;
+    Ok(())
+}
+
 #[tokio::main]
 async fn main() -> Result<()> {
     let cli = Cli::parse();
     let client = reqwest::Client::builder()
-        .user_agent("reallink-cli/0.1.1")
+        .user_agent(concat!("reallink-cli/", env!("CARGO_PKG_VERSION")))
         .build()?;
 
     match cli.command {
         Commands::Login(args) => login_command(&client, args).await?,
         Commands::Whoami(args) => whoami_command(&client, args).await?,
-        Commands::Logout => {
-            clear_session()?;
-            println!("Logged out.");
-        }
+        Commands::Logout => logout_command(&client).await?,
+        Commands::Project { command } => match command {
+            ProjectCommands::List(args) => project_list_command(&client, args).await?,
+            ProjectCommands::Create(args) => project_create_command(&client, args).await?,
+            ProjectCommands::Get(args) => project_get_command(&client, args).await?,
+            ProjectCommands::Update(args) => project_update_command(&client, args).await?,
+            ProjectCommands::Delete(args) => project_delete_command(&client, args).await?,
+        },
         Commands::Token { command } => match command {
             TokenCommands::List(args) => token_list_command(&client, args).await?,
             TokenCommands::Create(args) => token_create_command(&client, args).await?,
             TokenCommands::Revoke(args) => token_revoke_command(&client, args).await?,
         },
+        Commands::File { command } => match command {
+            FileCommands::List(args) => file_list_command(&client, args).await?,
+            FileCommands::Get(args) => file_get_command(&client, args).await?,
+            FileCommands::Upload(args) => file_upload_command(&client, args).await?,
+            FileCommands::Mkdir(args) => file_mkdir_command(&client, args).await?,
+            FileCommands::Move(args) => file_move_command(&client, args).await?,
+            FileCommands::Remove(args) => file_remove_command(&client, args).await?,
+        },
+        Commands::Tool { command } => match command {
+            ToolCommands::List(args) => tool_list_command(&client, args).await?,
+            ToolCommands::Register(args) => tool_register_command(&client, args).await?,
+            ToolCommands::Enable(args) => tool_enable_command(&client, args).await?,
+            ToolCommands::Disable(args) => tool_disable_command(&client, args).await?,
+            ToolCommands::Run(args) => tool_run_command(&client, args).await?,
+            ToolCommands::Runs(args) => tool_runs_command(&client, args).await?,
+            ToolCommands::GetRun(args) => tool_get_run_command(&client, args).await?,
+        },
     }
 
     Ok(())