Allow users to manage their notifications

The user can access this page without being logged in.
We identify the user through the "subscriptions_token" parameter and
show a list of the notifications that can be enable/disable.

We will return a 404 error in case someone accesses the page with a
non-existent token.

We also control the case that some anonymous user tries to access the
page without any token, by returning the CanCan::AccessDenied exception.

app/assets/stylesheets/subscriptions.scss

@@ -0,0 +1,5 @@
+.subscriptions-edit {
+  form {
+    max-width: $global-width * 7 / 12;
+  }
+}