CodeQL 7: refactor: tighten foreach-to-LINQ where it improves the call site

[rlorenzo]

Summary

Closes 6 of 34 cs/linq/missed-* alerts where the foreach-to-LINQ conversion makes the intent clearer:

• UserHelper.IsInRole - claim-search loop → claims.Any(c => c.Type == ClaimTypes.Role && c.Value == roleName) (also collapses the surrounding null guard).
• CrestCourseService.CourseSessionOfferingsToCourses / …Sessions - staging-list + foreach-Add pattern → csos.GroupBy(...).Select(g => new Course/Session(...)).ToList().
• AssessmentController.GetAssessmentsForStudent - build-and-mutate loop → assessmentsList.Select(a => { … }).ToList().
• RoleTemplatesController.Apply - foreach (... in preview.Roles) { if (!UserHasRole) … } → foreach (... in preview.Roles.Where(r => !r.UserHasRole)).
• RoleViews delete loop - compound if filter hoisted into the foreach … in roleMembers.Where(...).

Also fixed two stray tab-indented lines in RoleViews.cs that dotnet format flagged.

Why 28 alerts are not addressed

The remaining 28 cs/linq/missed-select alerts all live in PDF/Excel cell-generation loops in the Effort report services - TeachingActivityService, MeritReportService, SchoolSummaryService, DeptSummaryService, MeritMultiYearService, EvaluationReportService, MeritSummaryService. Pattern is:

foreach (var type in orderedTypes)
{
    var val = course.EffortByType.GetValueOrDefault(type, 0);
    table.Cell().PaddingVertical(cellPadV).Text(val > 0 ? val.ToString() : "0");
}

The var val = … is what CodeQL identifies as a "mapping", but the surrounding body is QuestPDF.table.Cell()… / ClosedXML.ws.Cell()… side effects, not collection-building. Forcing a Select here would just add a tuple-deconstruction foreach over a .Select(t => (Type: t, Val: …)) with the same side-effectful body - more code, same behavior, lower readability. These are dismissible as wontfix-by-design on the CodeQL dashboard.

Context

Seventh in the CodeQL N: cleanup series (after #189, #190, #191, #192, #193, #194).

Test plan

• npm run test:backend - 1946 tests passing
• npm run verify:build - clean (0 errors)
• Pre-commit lint+test+verify all passed
• CodeQL workflow on this PR shows 6 of the 34 LINQ alerts closed

[codecov-commenter]

Bundle Report

Bundle size has no change ✅

[codecov-commenter]

Codecov Report

❌ Patch coverage is 10.00000% with 27 lines in your changes missing coverage. Please review.
✅ Project coverage is 42.97%. Comparing base (38de1ad) to head (8916163).

Files with missing lines	Patch %	Lines
web/Areas/CTS/Services/CrestCourseService.cs	0.00%	18 Missing ⚠️
web/Areas/RAPS/Services/RoleViews.cs	0.00%	6 Missing ⚠️
.../Areas/RAPS/Controllers/RoleTemplatesController.cs	0.00%	2 Missing ⚠️
web/Classes/UserHelper.cs	0.00%	1 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #195   +/-   ##
=======================================
  Coverage   42.96%   42.97%           
=======================================
  Files         877      877           
  Lines       51468    51452   -16     
  Branches     4802     4794    -8     
=======================================
- Hits        22113    22111    -2     
+ Misses      28831    28817   -14     
  Partials      524      524           

Flag	Coverage Δ
backend	43.05% <10.00%> (+<0.01%)	⬆️
frontend	41.34% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[coderabbitai]

Caution

Review failed

An error occurred during the review process. Please try again later.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codeql/7-effort-linq

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}