modreports: fix private user information leak in new modreport action.

Fix this:

    https://danbooru.donmai.us/moderation_reports/new.json?moderation_report[model_id]=52664&moderation_report[model_type]=User

raising an `undefined method `reportable?' for #<UserPolicy ...>`
exception, which contained the full user object in the error message,
which leaked private user information.

app/policies/moderation_report_policy.rb

@@ -10,7 +10,7 @@ class ModerationReportPolicy < ApplicationPolicy
   end
 
   def create?
-    unbanned? && policy(record.model).reportable?
+    unbanned? && policy(record.model).try(:reportable?)
   end
 
   def update?

test/functional/moderation_reports_controller_test.rb

@@ -24,6 +24,12 @@ class ModerationReportsControllerTest < ActionDispatch::IntegrationTest
         get_auth new_moderation_report_path, @user, params: {:moderation_report => {:model_id => @comment.id, :model_type => "Comment"}}
         assert_response :success
       end
+
+      should "not raise an exception when given an invalid model" do
+        @user = create(:user)
+        get_auth new_moderation_report_path(moderation_report: { model_type: "User", model_id: @user.id }), @user
+        assert_response 403
+      end
     end
 
     context "index action" do