Use secure token to create attachment links

The link is public but protected by a secure token.

This extends the activesupport Attachment model to automatically
generate a token

app/controllers/file_uploads_controller.rb

@@ -2,7 +2,7 @@ class FileUploadsController < ApplicationController
   def show
     @form = Form.find_by!(token: params[:form_id])
     @submission = @form.submissions.find(params[:submission_id])
-    @file_upload = @submission.files_attachments.find(params[:id])
+    @file_upload = @submission.files_attachments.find_by!(token: params[:id])
     redirect_to url_for(@file_upload)
   end
 end