Raise an error if we're trying to retrieve an attachment for which there is no corresponding Upload model

Follow-up to #212175 (comment 309806057)

We had a couple of ~S1 security issues caused by providing a malicious attachment path that didn't match with any existing Uploads but that were processed anyway and allowed an attacker to read arbitrary files.

We have no known such issues at the moment, however implementing @engwan's suggested change in the note linked above would help prevent future issues.

Implementing that change right now breaks snippet uploads, I'm going to create another issue for that and make it a blocker for this issue.

It might break other things that haven't been tested yet.