Update the face auth locked out state only if face auth is enrolled,

When fingerprint is locked out for user A and we switch from another user to user A, the following happens:

 1. we use FingerprintManager#getLockoutModeForUser(...) to get the lockout mode for the current user and store it in KeyguardUpdateMonitor this returns BIOMETRIC_LOCKOUT_PERMANENT
 2. we use faceManager#getLockoutModeForUser(...) to get the lockout mode for the current user and store it in DeviceEntryFaceAuthRepository this also returns BIOMETRIC_LOCKOUT_PERMANENT (even though face is not enrolled)
 3. once we unlock the phone by entering the PIN/pattern/password, we receive a call through FingerprintManager.LockoutResetCallback#onLockoutReset this resets the state stored in KeyguardUpdateMonitor
 4. we don't receive a call on FaceManager.LockoutResetCallback#onLockoutReset so that state in DeviceEntryFaceAuthRepository never gets reset.
 5. face auth remains locked out, when we lock the device again we assume fingerprint is not allowed because face auth is strong and is locked out.

Bug: 365629896
Fixes: 348456150
Flag: EXEMPT bugfix
Test: atest
Test: verified manually,
 1. create 2 users, user A and B
 2. enroll fingerprint for both users
 3. lockout fingerprint for user A
 4. switch to user B
 5. switch back to user A
 6. "Face unlock unavailable" message should not be shown on lock screen
 7. unlock the device using pin/pattern/password
 8. lock the device again
 9. udfps should be available.
Change-Id: I9983f37075cb2638127b2fac6c1785e2496473cc