May I ask why a WHERE clause in a grafted field statement is inadvisable?
Because when you implement a custom __sql__ query, it effectively replaces any occurrences of the table name in existing SQL queries with a subquery defined by the __sql__. In some cases, however, it may still use just the table name. It helps if both of these cases are the same except for the addition of the extra columns. If you use a WHERE clause then it may lead to some unexpected results.
Of course, you *can* use a where clause as long as the result of your query has a one-to-one mapping with the rows of the original table.
Most of the time, if you want to use a where clause, you are really wanting a default filter. In these cases you should either set a security filter (if it is a permissions issue), or just add a default search in the beforeHandleRequest method.
-Steve
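
The one-to-one condition described in the reply above can be checked mechanically by comparing the primary keys of the bare table with those returned by the grafted query. This is an added example, not part of the original thread: the `people`/`depts` schema, the sample rows and the `mapping_report` helper are constructed for illustration, and SQLite stands in for the application's database.

```python
import sqlite3
from collections import Counter

# Constructed sample schema and rows (not from the original thread).
SCHEMA = """
CREATE TABLE people (person_id INTEGER PRIMARY KEY, name TEXT,
                     dept_id INTEGER, active INTEGER);
CREATE TABLE depts (dept_id INTEGER PRIMARY KEY, dept_name TEXT);
INSERT INTO depts VALUES (1, 'Ops'), (2, 'Dev');
INSERT INTO people VALUES (1, 'ann', 1, 1), (2, 'bob', 2, 0), (3, 'cy', NULL, 1);
"""

# Grafts a column only: every base row survives exactly once.
GRAFT_OK = """SELECT p.*, d.dept_name FROM people p
              LEFT JOIN depts d ON p.dept_id = d.dept_id"""

# Uses WHERE as a filter: code paths that query the bare table still see
# person_id 2, while paths that use the subquery do not.
GRAFT_FILTERED = """SELECT p.*, d.dept_name FROM people p
                    LEFT JOIN depts d ON p.dept_id = d.dept_id
                    WHERE p.active = 1"""


def mapping_report(conn, table, key, grafted_sql):
    """Compare primary keys of the bare table with those of the grafted query.

    table, key and grafted_sql are developer-supplied constants, never user input.
    """
    base = Counter(r[0] for r in conn.execute(f"SELECT {key} FROM {table}"))
    graft = Counter(r[0] for r in conn.execute(
        f"SELECT {key} FROM ({grafted_sql}) AS g"))
    return {
        "missing": sorted(k for k in base if k not in graft),
        "extra": sorted(k for k in graft if k not in base),
        "duplicated": sorted(k for k, n in graft.items() if n > 1),
        "one_to_one": base == graft,
    }


def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return (mapping_report(conn, "people", "person_id", GRAFT_OK),
            mapping_report(conn, "people", "person_id", GRAFT_FILTERED))


if __name__ == "__main__":
    for report in demo():
        print(report)
```

A non-empty `missing` list means the WHERE clause is acting as a filter that only some queries honour, which is the case the reply says to handle with a security filter or a default search instead.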