Enforce query ownership and remove canned query hook

Refs #2735

tests/plugins/my_plugin.py

@@ -314,11 +314,6 @@ def startup(datasette):
     _ = (Response, Forbidden, NotFound, hookimpl, actor_matches_allow)
 
 
-@hookimpl
-def canned_queries(datasette, database, actor):
-    return {"from_hook": f"select 1, '{actor['id'] if actor else 'null'}' as actor_id"}
-
-
 @hookimpl
 def register_magic_parameters():
     from uuid import uuid4

tests/plugins/my_plugin_2.py

@@ -139,20 +139,20 @@ def startup(datasette):
         datasette._startup_catalog_databases = [
             row["database_name"] for row in catalog_rows
         ]
-
-    return inner
-
-
-@hookimpl
-def canned_queries(datasette, database):
-    async def inner():
-        return {
-            "from_async_hook": "select {}".format(
-                (
-                    await datasette.get_database(database).execute("select 1 + 1")
-                ).first()[0]
+        for database in datasette.databases:
+            await datasette.add_query(
+                database,
+                "from_hook",
+                "select 1, 'null' as actor_id",
+                source="plugin",
+            )
+            result = await datasette.get_database(database).execute("select 1 + 1")
+            await datasette.add_query(
+                database,
+                "from_async_hook",
+                "select {}".format(result.first()[0]),
+                source="plugin",
             )
-        }
 
     return inner