only create new key on password change if a recovery key exists or if the user don't have any private/public keys

apps/files_encryption/hooks/hooks.php

@@ -179,10 +179,10 @@ class Hooks {
 		// the necessary keys)
 		if (Crypt::mode() === 'server') {
 
-			if ($params['uid'] === \OCP\User::getUser()) {
-
 			$view = new \OC_FilesystemView('/');
 
+			if ($params['uid'] === \OCP\User::getUser()) {
+
 				$session = new \OCA\Encryption\Session($view);
 
 				// Get existing decrypted private key
@@ -202,11 +202,15 @@ class Hooks {
 			} else { // admin changed the password for a different user, create new keys and reencrypt file keys
 
 				$user = $params['uid'];
+				$util = new Util($view, $user);
+				$recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null;
+
+				if (($util->recoveryEnabledForUser() && $recoveryPassword)
+						|| !$util->userKeysExists()) {
+
 					$recoveryPassword = $params['recoveryPassword'];
 					$newUserPassword = $params['password'];
 
-				$view = new \OC_FilesystemView('/');
-
 					// make sure that the users home is mounted
 					\OC\Files\Filesystem::initMountPoints($user);
 
@@ -235,6 +239,7 @@ class Hooks {
 				}
 			}
 		}
+	}
 
 	/*
 	 * @brief check if files can be encrypted to every user.