feat(sql): ✨ Enhance SQL clause handling with parentheses

* Add EnsureOuterParentheses function to wrap clauses in parentheses.
* Implement logic to preserve outer parentheses for OR conditions.
* Update SanitizeWhereClause to utilize new function for better query safety.
* Introduce tests for EnsureOuterParentheses and containsTopLevelOR functions.
* Refactor filter application in handler to group OR filters correctly.

pkg/common/sql_helpers.go

@@ -130,6 +130,9 @@ func validateWhereClauseSecurity(where string) error {
 // Note: This function will NOT add prefixes to unprefixed columns. It will only fix
 // incorrect prefixes (e.g., wrong_table.column -> correct_table.column), unless the
 // prefix matches a preloaded relation name, in which case it's left unchanged.
+//
+// IMPORTANT: Outer parentheses are preserved if the clause contains top-level OR operators
+// to prevent OR logic from escaping and affecting the entire query incorrectly.
 func SanitizeWhereClause(where string, tableName string, options ...*RequestOptions) string {
 	if where == "" {
 		return ""
@@ -143,8 +146,19 @@ func SanitizeWhereClause(where string, tableName string, options ...*RequestOpti
 		return ""
 	}
 
-	// Strip outer parentheses and re-trim
-	where = stripOuterParentheses(where)
+	// Check if the original clause has outer parentheses and contains OR operators
+	// If so, we need to preserve the outer parentheses to prevent OR logic from escaping
+	hasOuterParens := false
+	if len(where) > 0 && where[0] == '(' && where[len(where)-1] == ')' {
+		_, hasOuterParens = stripOneMatchingOuterParen(where)
+	}
+
+	// Strip outer parentheses and re-trim for processing
+	whereWithoutParens := stripOuterParentheses(where)
+	shouldPreserveParens := hasOuterParens && containsTopLevelOR(whereWithoutParens)
+
+	// Use the stripped version for processing
+	where = whereWithoutParens
 
 	// Get valid columns from the model if tableName is provided
 	var validColumns map[string]bool
@@ -166,6 +180,14 @@ func SanitizeWhereClause(where string, tableName string, options ...*RequestOpti
 				logger.Debug("Added preload relation '%s' as allowed table prefix", options[0].Preload[pi].Relation)
 			}
 		}
+
+		// Add join aliases as allowed prefixes
+		for _, alias := range options[0].JoinAliases {
+			if alias != "" {
+				allowedPrefixes[alias] = true
+				logger.Debug("Added join alias '%s' as allowed table prefix", alias)
+			}
+		}
 	}
 
 	// Split by AND to handle multiple conditions
@@ -221,7 +243,14 @@ func SanitizeWhereClause(where string, tableName string, options ...*RequestOpti
 
 	result := strings.Join(validConditions, " AND ")
 
-	if result != where {
+	// If the original clause had outer parentheses and contains OR operators,
+	// restore the outer parentheses to prevent OR logic from escaping
+	if shouldPreserveParens {
+		result = "(" + result + ")"
+		logger.Debug("Preserved outer parentheses for OR conditions: '%s'", result)
+	}
+
+	if result != where && !shouldPreserveParens {
 		logger.Debug("Sanitized WHERE clause: '%s' -> '%s'", where, result)
 	}
 
@@ -282,6 +311,93 @@ func stripOneMatchingOuterParen(s string) (string, bool) {
 	return strings.TrimSpace(s[1 : len(s)-1]), true
 }
 
+// EnsureOuterParentheses ensures that a SQL clause is wrapped in parentheses
+// to prevent OR logic from escaping. It checks if the clause already has
+// matching outer parentheses and only adds them if they don't exist.
+//
+// This is particularly important for OR conditions and complex filters where
+// the absence of parentheses could cause the logic to escape and affect
+// the entire query incorrectly.
+//
+// Parameters:
+//   - clause: The SQL clause to check and potentially wrap
+//
+// Returns:
+//   - The clause with guaranteed outer parentheses, or empty string if input is empty
+func EnsureOuterParentheses(clause string) string {
+	if clause == "" {
+		return ""
+	}
+
+	clause = strings.TrimSpace(clause)
+	if clause == "" {
+		return ""
+	}
+
+	// Check if the clause already has matching outer parentheses
+	_, hasOuterParens := stripOneMatchingOuterParen(clause)
+
+	// If it already has matching outer parentheses, return as-is
+	if hasOuterParens {
+		return clause
+	}
+
+	// Otherwise, wrap it in parentheses
+	return "(" + clause + ")"
+}
+
+// containsTopLevelOR checks if a SQL clause contains OR operators at the top level
+// (i.e., not inside parentheses or subqueries). This is used to determine if
+// outer parentheses should be preserved to prevent OR logic from escaping.
+func containsTopLevelOR(clause string) bool {
+	if clause == "" {
+		return false
+	}
+
+	depth := 0
+	inSingleQuote := false
+	inDoubleQuote := false
+	lowerClause := strings.ToLower(clause)
+
+	for i := 0; i < len(clause); i++ {
+		ch := clause[i]
+
+		// Track quote state
+		if ch == '\'' && !inDoubleQuote {
+			inSingleQuote = !inSingleQuote
+			continue
+		}
+		if ch == '"' && !inSingleQuote {
+			inDoubleQuote = !inDoubleQuote
+			continue
+		}
+
+		// Skip if inside quotes
+		if inSingleQuote || inDoubleQuote {
+			continue
+		}
+
+		// Track parenthesis depth
+		switch ch {
+		case '(':
+			depth++
+		case ')':
+			depth--
+		}
+
+		// Only check for OR at depth 0 (not inside parentheses)
+		if depth == 0 && i+4 <= len(clause) {
+			// Check for " OR " (case-insensitive)
+			substring := lowerClause[i : i+4]
+			if substring == " or " {
+				return true
+			}
+		}
+	}
+
+	return false
+}
+
 // splitByAND splits a WHERE clause by AND operators (case-insensitive)
 // This is parenthesis-aware and won't split on AND operators inside subqueries
 func splitByAND(where string) []string {

pkg/common/sql_helpers_test.go

@@ -659,6 +659,179 @@ func TestSanitizeWhereClauseWithModel(t *testing.T) {
 	}
 }
 
+func TestEnsureOuterParentheses(t *testing.T) {
+	tests := []struct {
+		name     string
+		input    string
+		expected string
+	}{
+		{
+			name:     "no parentheses",
+			input:    "status = 'active'",
+			expected: "(status = 'active')",
+		},
+		{
+			name:     "already has outer parentheses",
+			input:    "(status = 'active')",
+			expected: "(status = 'active')",
+		},
+		{
+			name:     "OR condition without parentheses",
+			input:    "status = 'active' OR status = 'pending'",
+			expected: "(status = 'active' OR status = 'pending')",
+		},
+		{
+			name:     "OR condition with parentheses",
+			input:    "(status = 'active' OR status = 'pending')",
+			expected: "(status = 'active' OR status = 'pending')",
+		},
+		{
+			name:     "complex condition with nested parentheses",
+			input:    "(status = 'active' OR status = 'pending') AND (age > 18)",
+			expected: "((status = 'active' OR status = 'pending') AND (age > 18))",
+		},
+		{
+			name:     "empty string",
+			input:    "",
+			expected: "",
+		},
+		{
+			name:     "whitespace only",
+			input:    "   ",
+			expected: "",
+		},
+		{
+			name:     "mismatched parentheses - adds outer ones",
+			input:    "(status = 'active' OR status = 'pending'",
+			expected: "((status = 'active' OR status = 'pending')",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := EnsureOuterParentheses(tt.input)
+			if result != tt.expected {
+				t.Errorf("EnsureOuterParentheses(%q) = %q; want %q", tt.input, result, tt.expected)
+			}
+		})
+	}
+}
+
+func TestContainsTopLevelOR(t *testing.T) {
+	tests := []struct {
+		name     string
+		input    string
+		expected bool
+	}{
+		{
+			name:     "no OR operator",
+			input:    "status = 'active' AND age > 18",
+			expected: false,
+		},
+		{
+			name:     "top-level OR",
+			input:    "status = 'active' OR status = 'pending'",
+			expected: true,
+		},
+		{
+			name:     "OR inside parentheses",
+			input:    "age > 18 AND (status = 'active' OR status = 'pending')",
+			expected: false,
+		},
+		{
+			name:     "OR in subquery",
+			input:    "id IN (SELECT id FROM users WHERE status = 'active' OR status = 'pending')",
+			expected: false,
+		},
+		{
+			name:     "OR inside quotes",
+			input:    "comment = 'this OR that'",
+			expected: false,
+		},
+		{
+			name:     "mixed - top-level OR and nested OR",
+			input:    "name = 'test' OR (status = 'active' OR status = 'pending')",
+			expected: true,
+		},
+		{
+			name:     "empty string",
+			input:    "",
+			expected: false,
+		},
+		{
+			name:     "lowercase or",
+			input:    "status = 'active' or status = 'pending'",
+			expected: true,
+		},
+		{
+			name:     "uppercase OR",
+			input:    "status = 'active' OR status = 'pending'",
+			expected: true,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := containsTopLevelOR(tt.input)
+			if result != tt.expected {
+				t.Errorf("containsTopLevelOR(%q) = %v; want %v", tt.input, result, tt.expected)
+			}
+		})
+	}
+}
+
+func TestSanitizeWhereClause_PreservesParenthesesWithOR(t *testing.T) {
+	tests := []struct {
+		name      string
+		where     string
+		tableName string
+		expected  string
+	}{
+		{
+			name:      "OR condition with outer parentheses - preserved",
+			where:     "(status = 'active' OR status = 'pending')",
+			tableName: "users",
+			expected:  "(users.status = 'active' OR users.status = 'pending')",
+		},
+		{
+			name:      "AND condition with outer parentheses - stripped (no OR)",
+			where:     "(status = 'active' AND age > 18)",
+			tableName: "users",
+			expected:  "users.status = 'active' AND users.age > 18",
+		},
+		{
+			name:      "complex OR with nested conditions",
+			where:     "((status = 'active' OR status = 'pending') AND age > 18)",
+			tableName: "users",
+			// Outer parens are stripped, but inner parens with OR are preserved
+			expected: "(users.status = 'active' OR users.status = 'pending') AND users.age > 18",
+		},
+		{
+			name:      "OR without outer parentheses - no parentheses added by SanitizeWhereClause",
+			where:     "status = 'active' OR status = 'pending'",
+			tableName: "users",
+			expected:  "users.status = 'active' OR users.status = 'pending'",
+		},
+		{
+			name:      "simple OR with parentheses - preserved",
+			where:     "(users.status = 'active' OR users.status = 'pending')",
+			tableName: "users",
+			// Already has correct prefixes, parentheses preserved
+			expected: "(users.status = 'active' OR users.status = 'pending')",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			prefixedWhere := AddTablePrefixToColumns(tt.where, tt.tableName)
+			result := SanitizeWhereClause(prefixedWhere, tt.tableName)
+			if result != tt.expected {
+				t.Errorf("SanitizeWhereClause(%q, %q) = %q; want %q", tt.where, tt.tableName, result, tt.expected)
+			}
+		})
+	}
+}
+
 func TestAddTablePrefixToColumns_ComplexConditions(t *testing.T) {
 tests := []struct {
 name      string

pkg/common/types.go

@@ -23,6 +23,10 @@ type RequestOptions struct {
 	CursorForward  string  `json:"cursor_forward"`
 	CursorBackward string  `json:"cursor_backward"`
 	FetchRowNumber *string `json:"fetch_row_number"`
+
+	// Join table aliases (used for validation of prefixed columns in filters/sorts)
+	// Not serialized to JSON as it's internal validation state
+	JoinAliases []string `json:"-"`
 }
 
 type Parameter struct {

pkg/common/validation.go

@@ -237,15 +237,29 @@ func (v *ColumnValidator) FilterRequestOptions(options RequestOptions) RequestOp
 	for _, sort := range options.Sort {
 		if v.IsValidColumn(sort.Column) {
 			validSorts = append(validSorts, sort)
-		} else if strings.HasPrefix(sort.Column, "(") && strings.HasSuffix(sort.Column, ")") {
-			// Allow sort by expression/subquery, but validate for security
-			if IsSafeSortExpression(sort.Column) {
-				validSorts = append(validSorts, sort)
-			} else {
-				logger.Warn("Unsafe sort expression '%s' removed", sort.Column)
-			}
 		} else {
-			logger.Warn("Invalid column in sort '%s' removed", sort.Column)
+			foundJoin := false
+			for _, j := range options.JoinAliases {
+				if strings.Contains(sort.Column, j) {
+					foundJoin = true
+					break
+				}
+			}
+			if foundJoin {
+				validSorts = append(validSorts, sort)
+				continue
+			}
+			if strings.HasPrefix(sort.Column, "(") && strings.HasSuffix(sort.Column, ")") {
+				// Allow sort by expression/subquery, but validate for security
+				if IsSafeSortExpression(sort.Column) {
+					validSorts = append(validSorts, sort)
+				} else {
+					logger.Warn("Unsafe sort expression '%s' removed", sort.Column)
+				}
+
+			} else {
+				logger.Warn("Invalid column in sort '%s' removed", sort.Column)
+			}
 		}
 	}
 	filtered.Sort = validSorts
@@ -291,6 +305,9 @@ func (v *ColumnValidator) FilterRequestOptions(options RequestOptions) RequestOp
 	}
 	filtered.Preload = validPreloads
 
+	// Clear JoinAliases - this is an internal validation field and should not be persisted
+	filtered.JoinAliases = nil
+
 	return filtered
 }
 

pkg/common/validation_test.go

@@ -362,6 +362,29 @@ func TestFilterRequestOptions(t *testing.T) {
 	}
 }
 
+func TestFilterRequestOptions_ClearsJoinAliases(t *testing.T) {
+	model := TestModel{}
+	validator := NewColumnValidator(model)
+
+	options := RequestOptions{
+		Columns: []string{"id", "name"},
+		// Set JoinAliases - this should be cleared by FilterRequestOptions
+		JoinAliases: []string{"d", "u", "r"},
+	}
+
+	filtered := validator.FilterRequestOptions(options)
+
+	// Verify that JoinAliases was cleared (internal field should not persist)
+	if filtered.JoinAliases != nil {
+		t.Errorf("Expected JoinAliases to be nil after filtering, got %v", filtered.JoinAliases)
+	}
+
+	// Verify that other fields are still properly filtered
+	if len(filtered.Columns) != 2 {
+		t.Errorf("Expected 2 columns, got %d", len(filtered.Columns))
+	}
+}
+
 func TestIsSafeSortExpression(t *testing.T) {
 	tests := []struct {
 		name       string

pkg/resolvespec/handler.go

@@ -318,6 +318,8 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
 		if cursorFilter != "" {
 			logger.Debug("Applying cursor filter: %s", cursorFilter)
 			sanitizedCursor := common.SanitizeWhereClause(cursorFilter, reflection.ExtractTableNameOnly(tableName), &options)
+			// Ensure outer parentheses to prevent OR logic from escaping
+			sanitizedCursor = common.EnsureOuterParentheses(sanitizedCursor)
 			if sanitizedCursor != "" {
 				query = query.Where(sanitizedCursor)
 			}
@@ -1656,6 +1658,8 @@ func (h *Handler) applyPreloads(model interface{}, query common.SelectQuery, pre
 				// Build RequestOptions with all preloads to allow references to sibling relations
 				preloadOpts := &common.RequestOptions{Preload: preloads}
 				sanitizedWhere := common.SanitizeWhereClause(preload.Where, reflection.ExtractTableNameOnly(preload.Relation), preloadOpts)
+				// Ensure outer parentheses to prevent OR logic from escaping
+				sanitizedWhere = common.EnsureOuterParentheses(sanitizedWhere)
 				if len(sanitizedWhere) > 0 {
 					sq = sq.Where(sanitizedWhere)
 				}

pkg/restheadspec/HEADERS.md

@@ -214,14 +214,46 @@ x-expand: department:id,name,code
 **Note:** Currently, expand falls back to preload behavior. Full JOIN expansion is planned for future implementation.
 
 #### `x-custom-sql-join`
-Raw SQL JOIN statement.
+Custom SQL JOIN clauses for joining tables in queries.
 
-**Format:** SQL JOIN clause
+**Format:** SQL JOIN clause or multiple clauses separated by `|`
+
+**Single JOIN:**
 ```
 x-custom-sql-join: LEFT JOIN departments d ON d.id = employees.department_id
 ```
 
-⚠️ **Note:** Not yet fully implemented.
+**Multiple JOINs:**
+```
+x-custom-sql-join: LEFT JOIN departments d ON d.id = e.dept_id | INNER JOIN roles r ON r.id = e.role_id
+```
+
+**Features:**
+- Supports any type of JOIN (INNER, LEFT, RIGHT, FULL, CROSS)
+- Multiple JOINs can be specified using the pipe `|` separator
+- JOINs are sanitized for security
+- Can be specified via headers or query parameters
+- **Table aliases are automatically extracted and allowed for filtering and sorting**
+
+**Using Join Aliases in Filters and Sorts:**
+
+When you specify a custom SQL join with an alias, you can use that alias in your filter and sort parameters:
+
+```
+# Join with alias
+x-custom-sql-join: LEFT JOIN departments d ON d.id = employees.department_id
+
+# Sort by joined table column
+x-sort: d.name,employees.id
+
+# Filter by joined table column
+x-searchop-eq-d.name: Engineering
+```
+
+The system automatically:
+1. Extracts the alias from the JOIN clause (e.g., `d` from `departments d`)
+2. Validates that prefixed columns (like `d.name`) refer to valid join aliases
+3. Allows these prefixed columns in filters and sorts
 
 ---
 

pkg/restheadspec/cache_helpers.go

@@ -26,6 +26,7 @@ type queryCacheKey struct {
 	Sort           []common.SortOption   `json:"sort"`
 	CustomSQLWhere string                `json:"custom_sql_where,omitempty"`
 	CustomSQLOr    string                `json:"custom_sql_or,omitempty"`
+	CustomSQLJoin  []string              `json:"custom_sql_join,omitempty"`
 	Expand         []expandOptionKey     `json:"expand,omitempty"`
 	Distinct       bool                  `json:"distinct,omitempty"`
 	CursorForward  string                `json:"cursor_forward,omitempty"`
@@ -40,7 +41,7 @@ type cachedTotal struct {
 // buildExtendedQueryCacheKey builds a cache key for extended query options (restheadspec)
 // Includes expand, distinct, and cursor pagination options
 func buildExtendedQueryCacheKey(tableName string, filters []common.FilterOption, sort []common.SortOption,
-	customWhere, customOr string, expandOpts []interface{}, distinct bool, cursorFwd, cursorBwd string) string {
+	customWhere, customOr string, customJoin []string, expandOpts []interface{}, distinct bool, cursorFwd, cursorBwd string) string {
 
 	key := queryCacheKey{
 		TableName:      tableName,
@@ -48,6 +49,7 @@ func buildExtendedQueryCacheKey(tableName string, filters []common.FilterOption,
 		Sort:           sort,
 		CustomSQLWhere: customWhere,
 		CustomSQLOr:    customOr,
+		CustomSQLJoin:  customJoin,
 		Distinct:       distinct,
 		CursorForward:  cursorFwd,
 		CursorBackward: cursorBwd,
@@ -75,8 +77,8 @@ func buildExtendedQueryCacheKey(tableName string, filters []common.FilterOption,
 	jsonData, err := json.Marshal(key)
 	if err != nil {
 		// Fallback to simple string concatenation if JSON fails
-		return hashString(fmt.Sprintf("%s_%v_%v_%s_%s_%v_%v_%s_%s",
-			tableName, filters, sort, customWhere, customOr, expandOpts, distinct, cursorFwd, cursorBwd))
+		return hashString(fmt.Sprintf("%s_%v_%v_%s_%s_%v_%v_%v_%s_%s",
+			tableName, filters, sort, customWhere, customOr, customJoin, expandOpts, distinct, cursorFwd, cursorBwd))
 	}
 
 	return hashString(string(jsonData))

pkg/restheadspec/handler.go

@@ -463,7 +463,8 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
 	}
 
 	// Apply filters - validate and adjust for column types first
-	for i := range options.Filters {
+	// Group consecutive OR filters together to prevent OR logic from escaping
+	for i := 0; i < len(options.Filters); {
 		filter := &options.Filters[i]
 
 		// Validate and adjust filter based on column type
@@ -475,8 +476,39 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
 			logicOp = "AND"
 		}
 
-		logger.Debug("Applying filter: %s %s %v (needsCast=%v, logic=%s)", filter.Column, filter.Operator, filter.Value, castInfo.NeedsCast, logicOp)
-		query = h.applyFilter(query, *filter, tableName, castInfo.NeedsCast, logicOp)
+		// Check if this is the start of an OR group
+		if logicOp == "OR" {
+			// Collect all consecutive OR filters
+			orFilters := []*common.FilterOption{filter}
+			orCastInfo := []ColumnCastInfo{castInfo}
+
+			j := i + 1
+			for j < len(options.Filters) {
+				nextFilter := &options.Filters[j]
+				nextLogicOp := nextFilter.LogicOperator
+				if nextLogicOp == "" {
+					nextLogicOp = "AND"
+				}
+				if nextLogicOp == "OR" {
+					nextCastInfo := h.ValidateAndAdjustFilterForColumnType(nextFilter, model)
+					orFilters = append(orFilters, nextFilter)
+					orCastInfo = append(orCastInfo, nextCastInfo)
+					j++
+				} else {
+					break
+				}
+			}
+
+			// Apply the OR group as a single grouped condition
+			logger.Debug("Applying OR filter group with %d conditions", len(orFilters))
+			query = h.applyOrFilterGroup(query, orFilters, orCastInfo, tableName)
+			i = j
+		} else {
+			// Single AND filter - apply normally
+			logger.Debug("Applying filter: %s %s %v (needsCast=%v, logic=%s)", filter.Column, filter.Operator, filter.Value, castInfo.NeedsCast, logicOp)
+			query = h.applyFilter(query, *filter, tableName, castInfo.NeedsCast, logicOp)
+			i++
+		}
 	}
 
 	// Apply custom SQL WHERE clause (AND condition)
@@ -486,6 +518,8 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
 		prefixedWhere := common.AddTablePrefixToColumns(options.CustomSQLWhere, reflection.ExtractTableNameOnly(tableName))
 		// Then sanitize and allow preload table prefixes since custom SQL may reference multiple tables
 		sanitizedWhere := common.SanitizeWhereClause(prefixedWhere, reflection.ExtractTableNameOnly(tableName), &options.RequestOptions)
+		// Ensure outer parentheses to prevent OR logic from escaping
+		sanitizedWhere = common.EnsureOuterParentheses(sanitizedWhere)
 		if sanitizedWhere != "" {
 			query = query.Where(sanitizedWhere)
 		}
@@ -497,11 +531,22 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
 		customOr := common.AddTablePrefixToColumns(options.CustomSQLOr, reflection.ExtractTableNameOnly(tableName))
 		// Sanitize and allow preload table prefixes since custom SQL may reference multiple tables
 		sanitizedOr := common.SanitizeWhereClause(customOr, reflection.ExtractTableNameOnly(tableName), &options.RequestOptions)
+		// Ensure outer parentheses to prevent OR logic from escaping
+		sanitizedOr = common.EnsureOuterParentheses(sanitizedOr)
 		if sanitizedOr != "" {
 			query = query.WhereOr(sanitizedOr)
 		}
 	}
 
+	// Apply custom SQL JOIN clauses
+	if len(options.CustomSQLJoin) > 0 {
+		for _, joinClause := range options.CustomSQLJoin {
+			logger.Debug("Applying custom SQL JOIN: %s", joinClause)
+			// Joins are already sanitized during parsing, so we can apply them directly
+			query = query.Join(joinClause)
+		}
+	}
+
 	// If ID is provided, filter by ID
 	if id != "" {
 		pkName := reflection.GetPrimaryKeyName(model)
@@ -552,6 +597,7 @@ func (h *Handler) handleRead(ctx context.Context, w common.ResponseWriter, id st
 				options.Sort,
 				options.CustomSQLWhere,
 				options.CustomSQLOr,
+				options.CustomSQLJoin,
 				expandOpts,
 				options.Distinct,
 				options.CursorForward,
@@ -1986,6 +2032,99 @@ func (h *Handler) applyFilter(query common.SelectQuery, filter common.FilterOpti
 	}
 }
 
+// applyOrFilterGroup applies a group of OR filters as a single grouped condition
+// This ensures OR conditions are properly grouped with parentheses to prevent OR logic from escaping
+func (h *Handler) applyOrFilterGroup(query common.SelectQuery, filters []*common.FilterOption, castInfo []ColumnCastInfo, tableName string) common.SelectQuery {
+	if len(filters) == 0 {
+		return query
+	}
+
+	// Build individual filter conditions
+	conditions := []string{}
+	args := []interface{}{}
+
+	for i, filter := range filters {
+		// Qualify the column name with table name if not already qualified
+		qualifiedColumn := h.qualifyColumnName(filter.Column, tableName)
+
+		// Apply casting to text if needed for non-numeric columns or non-numeric values
+		if castInfo[i].NeedsCast {
+			qualifiedColumn = fmt.Sprintf("CAST(%s AS TEXT)", qualifiedColumn)
+		}
+
+		// Build the condition based on operator
+		condition, filterArgs := h.buildFilterCondition(qualifiedColumn, filter, tableName)
+		if condition != "" {
+			conditions = append(conditions, condition)
+			args = append(args, filterArgs...)
+		}
+	}
+
+	if len(conditions) == 0 {
+		return query
+	}
+
+	// Join all conditions with OR and wrap in parentheses
+	groupedCondition := "(" + strings.Join(conditions, " OR ") + ")"
+	logger.Debug("Applying grouped OR conditions: %s", groupedCondition)
+
+	// Apply as AND condition (the OR is already inside the parentheses)
+	return query.Where(groupedCondition, args...)
+}
+
+// buildFilterCondition builds a single filter condition and returns the condition string and args
+func (h *Handler) buildFilterCondition(qualifiedColumn string, filter *common.FilterOption, tableName string) (filterStr string, filterInterface []interface{}) {
+	switch strings.ToLower(filter.Operator) {
+	case "eq", "equals":
+		return fmt.Sprintf("%s = ?", qualifiedColumn), []interface{}{filter.Value}
+	case "neq", "not_equals", "ne":
+		return fmt.Sprintf("%s != ?", qualifiedColumn), []interface{}{filter.Value}
+	case "gt", "greater_than":
+		return fmt.Sprintf("%s > ?", qualifiedColumn), []interface{}{filter.Value}
+	case "gte", "greater_than_equals", "ge":
+		return fmt.Sprintf("%s >= ?", qualifiedColumn), []interface{}{filter.Value}
+	case "lt", "less_than":
+		return fmt.Sprintf("%s < ?", qualifiedColumn), []interface{}{filter.Value}
+	case "lte", "less_than_equals", "le":
+		return fmt.Sprintf("%s <= ?", qualifiedColumn), []interface{}{filter.Value}
+	case "like":
+		return fmt.Sprintf("%s LIKE ?", qualifiedColumn), []interface{}{filter.Value}
+	case "ilike":
+		return fmt.Sprintf("%s ILIKE ?", qualifiedColumn), []interface{}{filter.Value}
+	case "in":
+		return fmt.Sprintf("%s IN (?)", qualifiedColumn), []interface{}{filter.Value}
+	case "between":
+		// Handle between operator - exclusive (> val1 AND < val2)
+		if values, ok := filter.Value.([]interface{}); ok && len(values) == 2 {
+			return fmt.Sprintf("(%s > ? AND %s < ?)", qualifiedColumn, qualifiedColumn), []interface{}{values[0], values[1]}
+		} else if values, ok := filter.Value.([]string); ok && len(values) == 2 {
+			return fmt.Sprintf("(%s > ? AND %s < ?)", qualifiedColumn, qualifiedColumn), []interface{}{values[0], values[1]}
+		}
+		logger.Warn("Invalid BETWEEN filter value format")
+		return "", nil
+	case "between_inclusive":
+		// Handle between inclusive operator - inclusive (>= val1 AND <= val2)
+		if values, ok := filter.Value.([]interface{}); ok && len(values) == 2 {
+			return fmt.Sprintf("(%s >= ? AND %s <= ?)", qualifiedColumn, qualifiedColumn), []interface{}{values[0], values[1]}
+		} else if values, ok := filter.Value.([]string); ok && len(values) == 2 {
+			return fmt.Sprintf("(%s >= ? AND %s <= ?)", qualifiedColumn, qualifiedColumn), []interface{}{values[0], values[1]}
+		}
+		logger.Warn("Invalid BETWEEN INCLUSIVE filter value format")
+		return "", nil
+	case "is_null", "isnull":
+		// Check for NULL values - don't use cast for NULL checks
+		colName := h.qualifyColumnName(filter.Column, tableName)
+		return fmt.Sprintf("(%s IS NULL OR %s = '')", colName, colName), nil
+	case "is_not_null", "isnotnull":
+		// Check for NOT NULL values - don't use cast for NULL checks
+		colName := h.qualifyColumnName(filter.Column, tableName)
+		return fmt.Sprintf("(%s IS NOT NULL AND %s != '')", colName, colName), nil
+	default:
+		logger.Warn("Unknown filter operator: %s, defaulting to equals", filter.Operator)
+		return fmt.Sprintf("%s = ?", qualifiedColumn), []interface{}{filter.Value}
+	}
+}
+
 // parseTableName splits a table name that may contain schema into separate schema and table
 func (h *Handler) parseTableName(fullTableName string) (schema, table string) {
 	if idx := strings.LastIndex(fullTableName, "."); idx != -1 {

pkg/restheadspec/headers.go

@@ -26,7 +26,9 @@ type ExtendedRequestOptions struct {
 	CustomSQLOr    string
 
 	// Joins
-	Expand []ExpandOption
+	Expand        []ExpandOption
+	CustomSQLJoin []string // Custom SQL JOIN clauses
+	JoinAliases   []string // Extracted table aliases from CustomSQLJoin for validation
 
 	// Advanced features
 	AdvancedSQL map[string]string // Column -> SQL expression
@@ -111,6 +113,7 @@ func (h *Handler) parseOptionsFromHeaders(r common.Request, model interface{}) E
 		AdvancedSQL:          make(map[string]string),
 		ComputedQL:           make(map[string]string),
 		Expand:               make([]ExpandOption, 0),
+		CustomSQLJoin:        make([]string, 0),
 		ResponseFormat:       "simple", // Default response format
 		SingleRecordAsObject: true,     // Default: normalize single-element arrays to objects
 	}
@@ -185,8 +188,7 @@ func (h *Handler) parseOptionsFromHeaders(r common.Request, model interface{}) E
 		case strings.HasPrefix(key, "x-expand"):
 			h.parseExpand(&options, decodedValue)
 		case strings.HasPrefix(key, "x-custom-sql-join"):
-			// TODO: Implement custom SQL join
-			logger.Debug("Custom SQL join not yet implemented: %s", decodedValue)
+			h.parseCustomSQLJoin(&options, decodedValue)
 
 		// Sorting & Pagination
 		case strings.HasPrefix(key, "x-sort"):
@@ -495,6 +497,101 @@ func (h *Handler) parseExpand(options *ExtendedRequestOptions, value string) {
 	}
 }
 
+// parseCustomSQLJoin parses x-custom-sql-join header
+// Format: Single JOIN clause or multiple JOIN clauses separated by |
+// Example: "LEFT JOIN departments d ON d.id = employees.department_id"
+// Example: "LEFT JOIN departments d ON d.id = e.dept_id | INNER JOIN roles r ON r.id = e.role_id"
+func (h *Handler) parseCustomSQLJoin(options *ExtendedRequestOptions, value string) {
+	if value == "" {
+		return
+	}
+
+	// Split by | for multiple joins
+	joins := strings.Split(value, "|")
+	for _, joinStr := range joins {
+		joinStr = strings.TrimSpace(joinStr)
+		if joinStr == "" {
+			continue
+		}
+
+		// Basic validation: should contain "JOIN" keyword
+		upperJoin := strings.ToUpper(joinStr)
+		if !strings.Contains(upperJoin, "JOIN") {
+			logger.Warn("Invalid custom SQL join (missing JOIN keyword): %s", joinStr)
+			continue
+		}
+
+		// Sanitize the join clause using common.SanitizeWhereClause
+		// Note: This is basic sanitization - in production you may want stricter validation
+		sanitizedJoin := common.SanitizeWhereClause(joinStr, "", nil)
+		if sanitizedJoin == "" {
+			logger.Warn("Custom SQL join failed sanitization: %s", joinStr)
+			continue
+		}
+
+		// Extract table alias from the JOIN clause
+		alias := extractJoinAlias(sanitizedJoin)
+		if alias != "" {
+			options.JoinAliases = append(options.JoinAliases, alias)
+			// Also add to the embedded RequestOptions for validation
+			options.RequestOptions.JoinAliases = append(options.RequestOptions.JoinAliases, alias)
+			logger.Debug("Extracted join alias: %s", alias)
+		}
+
+		logger.Debug("Adding custom SQL join: %s", sanitizedJoin)
+		options.CustomSQLJoin = append(options.CustomSQLJoin, sanitizedJoin)
+	}
+}
+
+// extractJoinAlias extracts the table alias from a JOIN clause
+// Examples:
+//   - "LEFT JOIN departments d ON ..." -> "d"
+//   - "INNER JOIN users AS u ON ..." -> "u"
+//   - "JOIN roles r ON ..." -> "r"
+func extractJoinAlias(joinClause string) string {
+	// Pattern: JOIN table_name [AS] alias ON ...
+	// We need to extract the alias (word before ON)
+
+	upperJoin := strings.ToUpper(joinClause)
+
+	// Find the "JOIN" keyword position
+	joinIdx := strings.Index(upperJoin, "JOIN")
+	if joinIdx == -1 {
+		return ""
+	}
+
+	// Find the "ON" keyword position
+	onIdx := strings.Index(upperJoin, " ON ")
+	if onIdx == -1 {
+		return ""
+	}
+
+	// Extract the part between JOIN and ON
+	betweenJoinAndOn := strings.TrimSpace(joinClause[joinIdx+4 : onIdx])
+
+	// Split by spaces to get words
+	words := strings.Fields(betweenJoinAndOn)
+	if len(words) == 0 {
+		return ""
+	}
+
+	// If there's an AS keyword, the alias is after it
+	for i, word := range words {
+		if strings.EqualFold(word, "AS") && i+1 < len(words) {
+			return words[i+1]
+		}
+	}
+
+	// Otherwise, the alias is the last word (if there are 2+ words)
+	// Format: "table_name alias" or just "table_name"
+	if len(words) >= 2 {
+		return words[len(words)-1]
+	}
+
+	// Only one word means it's just the table name, no alias
+	return ""
+}
+
 // parseSorting parses x-sort header
 // Format: +field1,-field2,field3 (+ for ASC, - for DESC, default ASC)
 func (h *Handler) parseSorting(options *ExtendedRequestOptions, value string) {

pkg/restheadspec/query_params_test.go

@@ -301,6 +301,163 @@ func TestParseOptionsFromQueryParams(t *testing.T) {
 				}
 			},
 		},
+		{
+			name: "Parse custom SQL JOIN from query params",
+			queryParams: map[string]string{
+				"x-custom-sql-join": `LEFT JOIN departments d ON d.id = employees.department_id`,
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				if len(options.CustomSQLJoin) == 0 {
+					t.Error("Expected CustomSQLJoin to be set")
+					return
+				}
+				if len(options.CustomSQLJoin) != 1 {
+					t.Errorf("Expected 1 custom SQL join, got %d", len(options.CustomSQLJoin))
+					return
+				}
+				expected := `LEFT JOIN departments d ON d.id = employees.department_id`
+				if options.CustomSQLJoin[0] != expected {
+					t.Errorf("Expected CustomSQLJoin[0]=%q, got %q", expected, options.CustomSQLJoin[0])
+				}
+			},
+		},
+		{
+			name: "Parse multiple custom SQL JOINs from query params",
+			queryParams: map[string]string{
+				"x-custom-sql-join": `LEFT JOIN departments d ON d.id = e.dept_id | INNER JOIN roles r ON r.id = e.role_id`,
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				if len(options.CustomSQLJoin) != 2 {
+					t.Errorf("Expected 2 custom SQL joins, got %d", len(options.CustomSQLJoin))
+					return
+				}
+				expected1 := `LEFT JOIN departments d ON d.id = e.dept_id`
+				expected2 := `INNER JOIN roles r ON r.id = e.role_id`
+				if options.CustomSQLJoin[0] != expected1 {
+					t.Errorf("Expected CustomSQLJoin[0]=%q, got %q", expected1, options.CustomSQLJoin[0])
+				}
+				if options.CustomSQLJoin[1] != expected2 {
+					t.Errorf("Expected CustomSQLJoin[1]=%q, got %q", expected2, options.CustomSQLJoin[1])
+				}
+			},
+		},
+		{
+			name: "Parse custom SQL JOIN from headers",
+			headers: map[string]string{
+				"X-Custom-SQL-Join": `LEFT JOIN users u ON u.id = posts.user_id`,
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				if len(options.CustomSQLJoin) == 0 {
+					t.Error("Expected CustomSQLJoin to be set from header")
+					return
+				}
+				expected := `LEFT JOIN users u ON u.id = posts.user_id`
+				if options.CustomSQLJoin[0] != expected {
+					t.Errorf("Expected CustomSQLJoin[0]=%q, got %q", expected, options.CustomSQLJoin[0])
+				}
+			},
+		},
+		{
+			name: "Extract aliases from custom SQL JOIN",
+			queryParams: map[string]string{
+				"x-custom-sql-join": `LEFT JOIN departments d ON d.id = employees.department_id`,
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				if len(options.JoinAliases) == 0 {
+					t.Error("Expected JoinAliases to be extracted")
+					return
+				}
+				if len(options.JoinAliases) != 1 {
+					t.Errorf("Expected 1 join alias, got %d", len(options.JoinAliases))
+					return
+				}
+				if options.JoinAliases[0] != "d" {
+					t.Errorf("Expected join alias 'd', got %q", options.JoinAliases[0])
+				}
+				// Also check that it's in the embedded RequestOptions
+				if len(options.RequestOptions.JoinAliases) != 1 || options.RequestOptions.JoinAliases[0] != "d" {
+					t.Error("Expected join alias to also be in RequestOptions.JoinAliases")
+				}
+			},
+		},
+		{
+			name: "Extract multiple aliases from multiple custom SQL JOINs",
+			queryParams: map[string]string{
+				"x-custom-sql-join": `LEFT JOIN departments d ON d.id = e.dept_id | INNER JOIN roles AS r ON r.id = e.role_id`,
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				if len(options.JoinAliases) != 2 {
+					t.Errorf("Expected 2 join aliases, got %d", len(options.JoinAliases))
+					return
+				}
+				expectedAliases := []string{"d", "r"}
+				for i, expected := range expectedAliases {
+					if options.JoinAliases[i] != expected {
+						t.Errorf("Expected join alias[%d]=%q, got %q", i, expected, options.JoinAliases[i])
+					}
+				}
+			},
+		},
+		{
+			name: "Custom JOIN with sort on joined table",
+			queryParams: map[string]string{
+				"x-custom-sql-join": `LEFT JOIN departments d ON d.id = employees.department_id`,
+				"x-sort":            "d.name,employees.id",
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				// Verify join was added
+				if len(options.CustomSQLJoin) != 1 {
+					t.Errorf("Expected 1 custom SQL join, got %d", len(options.CustomSQLJoin))
+					return
+				}
+				// Verify alias was extracted
+				if len(options.JoinAliases) != 1 || options.JoinAliases[0] != "d" {
+					t.Error("Expected join alias 'd' to be extracted")
+					return
+				}
+				// Verify sort was parsed
+				if len(options.Sort) != 2 {
+					t.Errorf("Expected 2 sort options, got %d", len(options.Sort))
+					return
+				}
+				if options.Sort[0].Column != "d.name" {
+					t.Errorf("Expected first sort column 'd.name', got %q", options.Sort[0].Column)
+				}
+				if options.Sort[1].Column != "employees.id" {
+					t.Errorf("Expected second sort column 'employees.id', got %q", options.Sort[1].Column)
+				}
+			},
+		},
+		{
+			name: "Custom JOIN with filter on joined table",
+			queryParams: map[string]string{
+				"x-custom-sql-join":    `LEFT JOIN departments d ON d.id = employees.department_id`,
+				"x-searchop-eq-d.name": "Engineering",
+			},
+			validate: func(t *testing.T, options ExtendedRequestOptions) {
+				// Verify join was added
+				if len(options.CustomSQLJoin) != 1 {
+					t.Error("Expected 1 custom SQL join")
+					return
+				}
+				// Verify alias was extracted
+				if len(options.JoinAliases) != 1 || options.JoinAliases[0] != "d" {
+					t.Error("Expected join alias 'd' to be extracted")
+					return
+				}
+				// Verify filter was parsed
+				if len(options.Filters) != 1 {
+					t.Errorf("Expected 1 filter, got %d", len(options.Filters))
+					return
+				}
+				if options.Filters[0].Column != "d.name" {
+					t.Errorf("Expected filter column 'd.name', got %q", options.Filters[0].Column)
+				}
+				if options.Filters[0].Operator != "eq" {
+					t.Errorf("Expected filter operator 'eq', got %q", options.Filters[0].Operator)
+				}
+			},
+		},
 	}
 
 	for _, tt := range tests {
@@ -395,6 +552,55 @@ func TestHeadersAndQueryParamsCombined(t *testing.T) {
 	}
 }
 
+// TestCustomJoinAliasExtraction tests the extractJoinAlias helper function
+func TestCustomJoinAliasExtraction(t *testing.T) {
+	tests := []struct {
+		name     string
+		join     string
+		expected string
+	}{
+		{
+			name:     "LEFT JOIN with alias",
+			join:     "LEFT JOIN departments d ON d.id = employees.department_id",
+			expected: "d",
+		},
+		{
+			name:     "INNER JOIN with AS keyword",
+			join:     "INNER JOIN users AS u ON u.id = posts.user_id",
+			expected: "u",
+		},
+		{
+			name:     "Simple JOIN with alias",
+			join:     "JOIN roles r ON r.id = user_roles.role_id",
+			expected: "r",
+		},
+		{
+			name:     "JOIN without alias (just table name)",
+			join:     "JOIN departments ON departments.id = employees.dept_id",
+			expected: "",
+		},
+		{
+			name:     "RIGHT JOIN with alias",
+			join:     "RIGHT JOIN orders o ON o.customer_id = customers.id",
+			expected: "o",
+		},
+		{
+			name:     "FULL OUTER JOIN with AS",
+			join:     "FULL OUTER JOIN products AS p ON p.id = order_items.product_id",
+			expected: "p",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := extractJoinAlias(tt.join)
+			if result != tt.expected {
+				t.Errorf("extractJoinAlias(%q) = %q, want %q", tt.join, result, tt.expected)
+			}
+		})
+	}
+}
+
 // Helper function to check if a string contains a substring
 func contains(s, substr string) bool {
 	return len(s) >= len(substr) && (s == substr || len(s) > len(substr) && containsHelper(s, substr))

pkg/restheadspec/restheadspec.go

@@ -32,6 +32,7 @@
 //   - X-Clean-JSON: Boolean to remove null/empty fields
 //   - X-Custom-SQL-Where: Custom SQL WHERE clause (AND)
 //   - X-Custom-SQL-Or: Custom SQL WHERE clause (OR)
+//   - X-Custom-SQL-Join: Custom SQL JOIN clauses (pipe-separated for multiple)
 //
 // # Usage Example
 //