diff --git a/svc/queries/account.go b/svc/queries/account.go
index 1c7b94e..3305ee2 100644
--- a/svc/queries/account.go
+++ b/svc/queries/account.go
@@ -1,61 +1,42 @@
 package queries
 
 import (
-	"context"
-	"fmt"
-	"log"
-	"strings"
-
 	"bssapp-backend/db"
 	"bssapp-backend/internal/authz"
 	"bssapp-backend/models"
+	"context"
+	"fmt"
+	"log"
 )
 
 func GetAccounts(ctx context.Context) ([]models.Account, error) {
 
-	piyasaCodes := authz.GetPiyasaCodesFromCtx(ctx)
-
-	// 🔴 HİÇ YETKİ YOKSA → HİÇ DATA VERME
-	if len(piyasaCodes) == 0 {
-		log.Println("⚠️ No piyasa permission → empty account list")
-		return []models.Account{}, nil
-	}
-
-	// ✅ Güvenli filter üret
-	quoted := make([]string, 0, len(piyasaCodes))
-	for _, p := range piyasaCodes {
-		quoted = append(quoted, "'"+p+"'")
-	}
-
-	piyasaFilter := fmt.Sprintf(
-		"f2.CustomerAtt01 IN (%s)",
-		strings.Join(quoted, ","),
+	piyasaFilter := authz.BuildMSSQLPiyasaFilter(
+		ctx,
+		"f.CustomerAtt01", // ✅ alias ile uyumlu
 	)
 
 	query := fmt.Sprintf(`
-    SELECT
-        x.AccountCode,
-        MAX(x.AccountName) AS AccountName
-    FROM (
-        SELECT
-            LEFT(b.CurrAccCode, 8) AS AccountCode,
-            COALESCE(d.CurrAccDescription, '') AS AccountName
-        FROM trCurrAccBook b
-        LEFT JOIN cdCurrAccDesc d
-            ON d.CurrAccCode = b.CurrAccCode
-        JOIN CustomerAttributesFilter f2
-            ON f2.CurrAccCode = b.CurrAccCode
-        WHERE %s
-    ) x
-    GROUP BY x.AccountCode
-    ORDER BY x.AccountCode
+SELECT 
+    c.CurrAccCode AS AccountCode,
+    ISNULL(d.CurrAccDescription, '') AS AccountName
+FROM cdCurrAcc c
+LEFT JOIN cdCurrAccDesc d
+  ON c.CurrAccCode = d.CurrAccCode
+LEFT JOIN dbo.CustomerAttributesFilter f
+  ON c.CurrAccCode = f.CurrAccCode
+WHERE
+  c.CompanyCode = 1
+  AND c.IsBlocked = 0
+  AND %s
+ORDER BY d.CurrAccDescription
 `, piyasaFilter)
 
-	log.Println("🔎 ACCOUNT FILTER =", piyasaFilter)
+	log.Println("🔎 ACCOUNTS FILTER:", piyasaFilter)
 
 	rows, err := db.MssqlDB.Query(query)
 	if err != nil {
-		return nil, fmt.Errorf("MSSQL query error: %w", err)
+		return nil, fmt.Errorf("MSSQL error: %w", err)
 	}
 	defer rows.Close()
 
@@ -74,7 +55,7 @@ func GetAccounts(ctx context.Context) ([]models.Account, error) {
 
 		if len(acc.AccountCode) >= 4 {
 			acc.DisplayCode =
-				strings.TrimSpace(acc.AccountCode[:3] + " " + acc.AccountCode[3:])
+				acc.AccountCode[:3] + " " + acc.AccountCode[3:]
 		} else {
 			acc.DisplayCode = acc.AccountCode
 		}