diff --git a/db/user.db.js b/db/user.db.js
index f2096f9..92b78cd 100644
--- a/db/user.db.js
+++ b/db/user.db.js
@@ -1,14 +1,32 @@
 const pool = require("../config");
 
-// Get all users
+// Get all users s
 const getAllUsersDb = async () => {
   const queryText = `
-    SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
-           u.is_active, u.created_at, u.updated_at, u.deleted_at,
-           u.updated_by, u.deleted_by,
-           r.role_id, r.role_name
+    SELECT 
+      u.user_id,
+      u.user_fullname,
+      u.user_name,
+      u.user_email,
+      u.user_phone,
+      u.is_active,
+      u.is_sa,
+      u.is_approve,
+      u.approved_by,
+      approver.user_fullname AS approved_by_name,
+      u.approved_at,
+      u.created_at,
+      u.updated_at,
+      u.deleted_at,
+      u.updated_by,
+      u.deleted_by,
+      r.role_id,
+      r.role_name,
+      r.role_description,
+      r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
+    LEFT JOIN m_users approver ON u.approved_by = approver.user_id
     WHERE u.deleted_at IS NULL
     ORDER BY u.user_id ASC
   `;
@@ -16,27 +34,56 @@ const getAllUsersDb = async () => {
   return result.recordset;
 };
 
-// Get user by ID
+// Get user by ID 
 const getUserByIdDb = async (id) => {
   const queryText = `
-    SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
-           u.is_active, u.created_at, u.updated_at, u.deleted_at,
-           u.updated_by, u.deleted_by,
-           r.role_id, r.role_name
+    SELECT 
+      u.user_id,
+      u.user_fullname,
+      u.user_name,
+      u.user_email,
+      u.user_phone,
+      u.is_active,
+      u.is_sa,
+      u.is_approve,
+      u.approved_by,
+      approver.user_fullname AS approved_by_name,
+      u.approved_at,
+      u.created_at,
+      u.updated_at,
+      u.deleted_at,
+      u.updated_by,
+      u.deleted_by,
+      r.role_id,
+      r.role_name,
+      r.role_description,
+      r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
+    LEFT JOIN m_users approver ON u.approved_by = approver.user_id
     WHERE u.user_id = $1 AND u.deleted_at IS NULL
   `;
   const result = await pool.query(queryText, [id]);
   return result.recordset[0];
 };
 
-// Get user by email (login)
+// Get user by email 
 const getUserByUserEmailDb = async (email) => {
   const queryText = `
-    SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
-           u.user_password, u.is_active, u.is_sa,
-           r.role_id, r.role_name
+    SELECT 
+      u.user_id,
+      u.user_fullname,
+      u.user_name,
+      u.user_email,
+      u.user_phone,
+      u.user_password,
+      u.is_active,
+      u.is_sa,
+      u.is_approve,
+      u.role_id,
+      r.role_name,
+      r.role_description,
+      r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
     WHERE u.user_email = $1 AND u.deleted_at IS NULL
@@ -45,12 +92,23 @@ const getUserByUserEmailDb = async (email) => {
   return result.recordset[0];
 };
 
-// Get user by username
+// Get user by username 
 const getUserByUsernameDb = async (username) => {
   const queryText = `
-    SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone, u.user_password,
-           u.is_active, u.role_id,
-           r.role_name
+    SELECT 
+      u.user_id,
+      u.user_fullname,
+      u.user_name,
+      u.user_email,
+      u.user_phone,
+      u.user_password,
+      u.is_active,
+      u.is_sa,
+      u.is_approve,
+      u.role_id,
+      r.role_name,
+      r.role_description,
+      r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
     WHERE u.user_name = $1 AND u.deleted_at IS NULL
@@ -73,11 +131,26 @@ const updateUserDb = async (userId, data) => {
   return true;
 };
 
-// Change user password
+// Approve user
+const approveUserDb = async (userId, approverId) => {
+  const queryText = `
+    UPDATE m_users
+    SET is_approve = 1,
+        approved_by = $1,
+        approved_at = GETDATE(),
+        updated_at = GETDATE()
+    WHERE user_id = $2 AND deleted_at IS NULL
+  `;
+  await pool.query(queryText, [approverId, userId]);
+  return true;
+};
+
+// Change password
 const changeUserPasswordDb = async (userId, newPassword) => {
   const queryText = `
     UPDATE m_users
-    SET user_password = $1, updated_at = GETDATE()
+    SET user_password = $1,
+        updated_at = GETDATE()
     WHERE user_id = $2 AND deleted_at IS NULL
   `;
   await pool.query(queryText, [newPassword, userId]);
@@ -96,25 +169,14 @@ const deleteUserDb = async (userId, deletedBy) => {
   return true;
 };
 
-// Get all roles
-const getAllRoleDb = async () => {
-  const queryText = `
-    SELECT role_id, role_name
-    FROM m_roles
-    ORDER BY role_id ASC
-  `;
-  const result = await pool.query(queryText);
-  return result.recordset;
-};
-
 module.exports = {
   getAllUsersDb,
   getUserByIdDb,
   getUserByUserEmailDb,
-  updateUserDb,
-  createUserDb,
-  deleteUserDb,
   getUserByUsernameDb,
+  createUserDb,
+  updateUserDb,
+  approveUserDb,
   changeUserPasswordDb,
-  getAllRoleDb,
+  deleteUserDb,
 };