Refactor IncidentCompanionService to move the pending report logic into its own class.

IncidentCompanionService is about to get logic for sharing the
already-approved reports, and mixing the two is the first step
to making IcidentCompanionService yet another god object service.
Hopefully this can keep it cleaner.

Test: bit GooglePermissionControllerTests:*
Bug: 123543706
Change-Id: Ic24cbeb92c863739997fa74438ddce1f9c053c3b