diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 490cca3..27937a4 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -4,9 +4,10 @@
     <option name="autoReloadType" value="ALL" />
   </component>
   <component name="ChangeListManager">
-    <list default="true" id="18dd0d68-b4b8-40db-9734-9119b5c848bd" name="更改" comment=":boom: Use attachment rid instead of primary key when create">
+    <list default="true" id="18dd0d68-b4b8-40db-9734-9119b5c848bd" name="更改" comment=":bug: Fix crash on maintain cache">
       <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/pkg/internal/services/attachments.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/attachments.go" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/pkg/internal/models/pools.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/models/pools.go" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/pkg/internal/server/api/attachment_dir_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/api/index_api.go" afterDir="false" />
     </list>
     <option name="SHOW_DIALOG" value="false" />
     <option name="HIGHLIGHT_CONFLICTS" value="true" />
@@ -112,7 +113,6 @@
     </option>
   </component>
   <component name="VcsManagerConfiguration">
-    <MESSAGE value=":sparkles: Upload attachment requires permission check" />
     <MESSAGE value=":sparkles: Provide a faster check attachment exists grpc method" />
     <MESSAGE value=":truck: Update url mapping" />
     <MESSAGE value=":bug: Fix uuid duplicate when link exists" />
@@ -137,7 +137,8 @@
     <MESSAGE value=":sparkles: Support use rid to get file" />
     <MESSAGE value=":boom: Replace attachment id by rid when fetching" />
     <MESSAGE value=":boom: Use attachment rid instead of primary key when create" />
-    <option name="LAST_COMMIT_MESSAGE" value=":boom: Use attachment rid instead of primary key when create" />
+    <MESSAGE value=":bug: Fix crash on maintain cache" />
+    <option name="LAST_COMMIT_MESSAGE" value=":bug: Fix crash on maintain cache" />
   </component>
   <component name="VgoProject">
     <settings-migrated>true</settings-migrated>
diff --git a/pkg/internal/models/pools.go b/pkg/internal/models/pools.go
index 49009e8..46f0780 100644
--- a/pkg/internal/models/pools.go
+++ b/pkg/internal/models/pools.go
@@ -21,4 +21,5 @@ type AttachmentPoolConfig struct {
 	ExistLifecycle        *int64 `json:"exist_lifecycle"`
 	AllowCrossPoolIngress bool   `json:"allow_cross_pool_ingress"`
 	AllowCrossPoolEgress  bool   `json:"allow_cross_pool_egress"`
+	PublicIndexable       bool   `json:"public_indexable"`
 }
diff --git a/pkg/internal/server/api/attachment_dir_api.go b/pkg/internal/server/api/index_api.go
similarity index 73%
rename from pkg/internal/server/api/attachment_dir_api.go
rename to pkg/internal/server/api/index_api.go
index 2e1d24b..efec1bb 100644
--- a/pkg/internal/server/api/attachment_dir_api.go
+++ b/pkg/internal/server/api/index_api.go
@@ -1,6 +1,9 @@
 package api
 
 import (
+	"fmt"
+	"github.com/spf13/viper"
+	"gorm.io/datatypes"
 	"strings"
 
 	"git.solsynth.dev/hydrogen/paperclip/pkg/internal/database"
@@ -41,6 +44,12 @@ func listAttachment(c *fiber.Ctx) error {
 		// Do sort this when doesn't filter by the id
 		// Because the sort will mess up the result
 		tx = tx.Order("created_at DESC")
+
+		// Do not expose un-public indexable attachments
+		prefix := viper.GetString("database.prefix")
+		tx = tx.
+			Joins(fmt.Sprintf("JOIN %sattachment_pools ON %sattachment_pools.id = %sattachments.pool_id", prefix, prefix, prefix)).
+			Where(datatypes.JSONQuery(fmt.Sprintf("%sattachment_pools.config", prefix)).Equals(true, "public_indexable"))
 	}
 
 	if len(c.Query("author")) > 0 {
@@ -52,8 +61,12 @@ func listAttachment(c *fiber.Ctx) error {
 		}
 	}
 
-	if usage := c.Query("usage"); len(usage) > 0 {
-		tx = tx.Where("usage IN ?", strings.Split(usage, " "))
+	if pools := c.Query("pools"); len(pools) > 0 {
+		prefix := viper.GetString("database.prefix")
+		poolAliases := strings.Split(pools, ",")
+		tx = tx.
+			Joins(fmt.Sprintf("JOIN %sattachment_pools ON %sattachment_pools.id = %sattachments.pool_id", prefix, prefix, prefix)).
+			Where(fmt.Sprintf("%sattachment_pools.alias IN ?", prefix), poolAliases)
 	}
 
 	if original := c.QueryBool("original", false); original {