first rule draft

rules/S6934/csharp/metadata.json

@@ -0,0 +1,25 @@
+{
+  "title": "You should specify the RouteAttribute when an HttpMethodAttribute is specified at an action level",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-6934",
+  "sqKey": "S6934",
+  "scope": "All",
+  "defaultQualityProfiles": ["Sonar way"],
+  "quickfix": "unknown",
+  "code": {
+    "impacts": {
+      "MAINTAINABILITY": "HIGH",
+      "RELIABILITY": "MEDIUM",
+      "SECURITY": "LOW"
+    },
+    "attribute": "CONVENTIONAL"
+  }
+}

rules/S6934/csharp/rule.adoc

@@ -0,0 +1,66 @@
+The https://learn.microsoft.com/en-us/aspnet/core/mvc/controllers/routing[routing] middleware in https://learn.microsoft.com/en-us/aspnet/core/mvc/overview[ASP.NET Core MVC] uses a set of predefined rules and conventions to determine which controller and action method to invoke for a given HTTP request. The routing configuration is typically defined with the https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.builder.controllerendpointroutebuilderextensions.mapcontrollerroute[`MapControllerRoute`] method during the application configuration.
+However, without some extra configuration on the developer's part, sometimes the routing system cannot correctly resolve a route and map it to a certain action, resulting in unexpected behavior or errors.
+
+== Why is this an issue?
+
+In ASP.NET MVC, when a https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.routing.httpmethodattribute[`HttpMethodAttribute`] (such as https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.httpgetattribute[`HttpGet`], https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.httppostattribute[`HttpPost`], etc) is specified with a given route template at the action level, it's important that its controller also has a https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.routeattribute[`RouteAttribute`] defined. If not, then the route pattern that has been defined in `WebApplication.MapControllerRoute` is applied, resulting in an unexpected route and potential confusion. This applies also to when https://learn.microsoft.com/en-us/aspnet/core/mvc/controllers/areas[`areas`] are defined.
+
+
+== How to fix it
+
+When any of the controller actions is annotated with a `HttpMethodAttribute' with a route template, you should also annotate the controller with the `RouteAttribute` as well.
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,csharp]
+----
+    public class PersonController : Controller
+    {
+        [HttpGet("GetPerson")]
+        public ActionResult Index() // Noncompliant, this action will be reachable by "/root/GetPerson" instead of "/root/Person/GetPerson"
+        {
+            return View();
+        }
+    }
+----
+
+==== Compliant solution
+
+[source,csharp]
+----
+
+    public class PersonController: Controller
+    {
+        [HttpGet]
+        public ActionResult Index() // Compliant, no route template is given to the attribute
+        {
+            return View();
+        }
+    }
+
+    [Route("Person")]
+    public class PersonController: Controller
+    {
+        [HttpGet("GetPerson")]
+        public ActionResult Index() // Compliant
+        {
+            return View();
+        }
+    }
+----
+
+== Resources
+
+=== Documentation
+
+* Microsoft Learn - https://learn.microsoft.com/en-us/aspnet/core/mvc/overview[Overview of ASP.NET Core MVC]
+* Microsoft Learn - https://learn.microsoft.com/en-us/aspnet/core/mvc/controllers/routing[Routing to controller actions in ASP.NET Core]
+
+=== Articles & blog posts
+* Medium - https://medium.com/quick-code/routing-in-asp-net-core-c433bff3f1a4[Routing in ASP.NET Core]
+//=== Conference presentations
+//=== Standards
+//=== External coding guidelines
+//=== Benchmarks

rules/S6934/metadata.json

@@ -0,0 +1,2 @@
+{
+}