diff --git a/db/user.db.js b/db/user.db.js
index 92b78cd..3776a26 100644
--- a/db/user.db.js
+++ b/db/user.db.js
@@ -1,159 +1,129 @@
-const pool = require("../config");
+const { query, buildFilterQuery, buildDynamicUpdate } = require("../config");
+
+// Get all users
+const getAllUsersDb = async (searchParams = {}) => {
+  const { whereConditions, queryParams } = buildFilterQuery([
+    { column: "u.user_fullname", param: searchParams.fullname, type: "string" },
+    { column: "u.user_name", param: searchParams.username, type: "string" },
+    { column: "u.user_email", param: searchParams.email, type: "string" },
+    { column: "r.role_name", param: searchParams.role, type: "string" },
+  ]);
+
+  const whereClause = whereConditions.length
+    ? `AND ${whereConditions.join(" AND ")}`
+    : "";
 
-// Get all users s
-const getAllUsersDb = async () => {
   const queryText = `
     SELECT 
-      u.user_id,
-      u.user_fullname,
-      u.user_name,
-      u.user_email,
-      u.user_phone,
-      u.is_active,
-      u.is_sa,
-      u.is_approve,
-      u.approved_by,
+      u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
+      u.is_active, u.is_sa, u.is_approve, u.approved_by,
       approver.user_fullname AS approved_by_name,
-      u.approved_at,
-      u.created_at,
-      u.updated_at,
-      u.deleted_at,
-      u.updated_by,
-      u.deleted_by,
-      r.role_id,
-      r.role_name,
-      r.role_description,
-      r.role_level
+      u.approved_at, u.created_at, u.updated_at, u.deleted_at,
+      u.updated_by, u.deleted_by,
+      r.role_id, r.role_name, r.role_description, r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
     LEFT JOIN m_users approver ON u.approved_by = approver.user_id
-    WHERE u.deleted_at IS NULL
+    WHERE u.deleted_at IS NULL ${whereClause}
     ORDER BY u.user_id ASC
   `;
-  const result = await pool.query(queryText);
+  const result = await query(queryText, queryParams);
   return result.recordset;
 };
 
-// Get user by ID 
+// Get user by ID
 const getUserByIdDb = async (id) => {
   const queryText = `
     SELECT 
-      u.user_id,
-      u.user_fullname,
-      u.user_name,
-      u.user_email,
-      u.user_phone,
-      u.is_active,
-      u.is_sa,
-      u.is_approve,
-      u.approved_by,
+      u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
+      u.is_active, u.is_sa, u.is_approve, u.approved_by,
       approver.user_fullname AS approved_by_name,
-      u.approved_at,
-      u.created_at,
-      u.updated_at,
-      u.deleted_at,
-      u.updated_by,
-      u.deleted_by,
-      r.role_id,
-      r.role_name,
-      r.role_description,
-      r.role_level
+      u.approved_at, u.created_at, u.updated_at, u.deleted_at,
+      u.updated_by, u.deleted_by,
+      r.role_id, r.role_name, r.role_description, r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
     LEFT JOIN m_users approver ON u.approved_by = approver.user_id
     WHERE u.user_id = $1 AND u.deleted_at IS NULL
   `;
-  const result = await pool.query(queryText, [id]);
+  const result = await query(queryText, [id]);
   return result.recordset[0];
 };
 
-// Get user by email 
+// Get user by email
 const getUserByUserEmailDb = async (email) => {
   const queryText = `
     SELECT 
-      u.user_id,
-      u.user_fullname,
-      u.user_name,
-      u.user_email,
-      u.user_phone,
-      u.user_password,
-      u.is_active,
-      u.is_sa,
-      u.is_approve,
-      u.role_id,
-      r.role_name,
-      r.role_description,
-      r.role_level
+      u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
+      u.user_password, u.is_active, u.is_sa, u.is_approve, u.role_id,
+      r.role_name, r.role_description, r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
     WHERE u.user_email = $1 AND u.deleted_at IS NULL
   `;
-  const result = await pool.query(queryText, [email]);
+  const result = await query(queryText, [email]);
   return result.recordset[0];
 };
 
-// Get user by username 
+// Get user by username
 const getUserByUsernameDb = async (username) => {
   const queryText = `
     SELECT 
-      u.user_id,
-      u.user_fullname,
-      u.user_name,
-      u.user_email,
-      u.user_phone,
-      u.user_password,
-      u.is_active,
-      u.is_sa,
-      u.is_approve,
-      u.role_id,
-      r.role_name,
-      r.role_description,
-      r.role_level
+      u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
+      u.user_password, u.is_active, u.is_sa, u.is_approve, u.role_id,
+      r.role_name, r.role_description, r.role_level
     FROM m_users u
     LEFT JOIN m_roles r ON u.role_id = r.role_id
     WHERE u.user_name = $1 AND u.deleted_at IS NULL
   `;
-  const result = await pool.query(queryText, [username]);
+  const result = await query(queryText, [username]);
   return result.recordset[0];
 };
 
 // Create user
 const createUserDb = async (data) => {
-  const { query: queryText, values } = pool.buildDynamicInsert("m_users", data);
-  const result = await pool.query(queryText, values);
-  return result.recordset[0]?.inserted_id || null;
+  const queryText = `
+    INSERT INTO m_users
+      (user_fullname, user_name, user_email, user_phone, user_password, role_id, is_sa, is_active, is_approve, approved_by, approved_at)
+    VALUES
+      ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11);
+    SELECT SCOPE_IDENTITY() as user_id;
+  `;
+  
+  const values = [
+    data.user_fullname,
+    data.user_name,
+    data.user_email,
+    data.user_phone,
+    data.user_password,
+    data.role_id || null,
+    data.is_sa || 0,
+    data.is_active || 1,
+    data.is_approve || 0,
+    data.approved_by || null,
+    data.approved_at || null
+  ];
+
+  const result = await query(queryText, values);
+  return result.recordset[0]?.user_id || null;
 };
 
 // Update user
 const updateUserDb = async (userId, data) => {
-  const { query: queryText, values } = pool.buildDynamicUpdate("m_users", data, { user_id: userId });
-  await pool.query(queryText, values);
+  const { query: queryText, values } = buildDynamicUpdate("m_users", data, { user_id: userId });
+  const finalQuery = queryText.replace("WHERE", "WHERE deleted_at IS NULL AND");
+  await query(finalQuery, values);
   return true;
 };
 
-// Approve user
-const approveUserDb = async (userId, approverId) => {
-  const queryText = `
-    UPDATE m_users
-    SET is_approve = 1,
-        approved_by = $1,
-        approved_at = GETDATE(),
-        updated_at = GETDATE()
-    WHERE user_id = $2 AND deleted_at IS NULL
-  `;
-  await pool.query(queryText, [approverId, userId]);
-  return true;
-};
-
-// Change password
+// Change user password
 const changeUserPasswordDb = async (userId, newPassword) => {
   const queryText = `
     UPDATE m_users
-    SET user_password = $1,
-        updated_at = GETDATE()
+    SET user_password = $1, updated_at = GETDATE()
     WHERE user_id = $2 AND deleted_at IS NULL
   `;
-  await pool.query(queryText, [newPassword, userId]);
+  await query(queryText, [newPassword, userId]);
   return true;
 };
 
@@ -161,11 +131,15 @@ const changeUserPasswordDb = async (userId, newPassword) => {
 const deleteUserDb = async (userId, deletedBy) => {
   const queryText = `
     UPDATE m_users
-    SET deleted_at = GETDATE(),
-        deleted_by = $1
-    WHERE user_id = $2
+    SET 
+      deleted_at = GETDATE(),
+      deleted_by = $1,
+      is_active = 0
+    WHERE user_id = $2 
+      AND deleted_at IS NULL
   `;
-  await pool.query(queryText, [deletedBy, userId]);
+  
+  await query(queryText, [deletedBy, userId]);
   return true;
 };
 
@@ -176,7 +150,6 @@ module.exports = {
   getUserByUsernameDb,
   createUserDb,
   updateUserDb,
-  approveUserDb,
   changeUserPasswordDb,
   deleteUserDb,
 };