dmails, emails: refactor to use Rails signed_id.

Refactor email verification links and Dmail share links to use the new
Rails signed_id mechanism, rather than our own handrolled mechanism.

For Dmail share links, we have to override some Rails internal methods
so that our old links still work. For email verification links, this
will invalidate existing links, but this isn't a huge deal since these
links are short-lived anyway.

https://api.rubyonrails.org/classes/ActiveRecord/SignedId.html
https://api.rubyonrails.org/classes/ActiveRecord/SignedId/ClassMethods.html

app/policies/dmail_policy.rb

@@ -17,7 +17,7 @@ class DmailPolicy < ApplicationPolicy
 
   def show?
     return true if user.is_owner?
-    !user.is_anonymous? && (record.owner_id == user.id || record.valid_key?(request.params[:key]))
+    !user.is_anonymous? && record.owner_id == user.id
   end
 
   def reportable?

app/policies/email_address_policy.rb

@@ -13,11 +13,7 @@ class EmailAddressPolicy < ApplicationPolicy
   end
 
   def verify?
-    if request.params[:email_verification_key].present?
-      record.valid_key?(request.params[:email_verification_key])
-    else
-      record.user_id == user.id
-    end
+    record.user_id == user.id
   end
 
   def send_confirmation?