locksettings: clean up logging of escrow token operations

Currently "Disabling escrow token on user" is logged *every time* a
user's lockscreen credential is verified, if the user is not eligible
for escrow tokens.  Let's instead make
disableEscrowTokenOnNonManagedDevicesIfNeeded() return early if the user
has no escrow data, so it will only log if it does something.

At the same time, be more verbose when something is actually done
related to escrow tokens, as these are generally exceptional events.

Bug: 268526331
Change-Id: I83cd783572d33954b95c9d7bb58916e75459809e