JENKINS-43297

Jenkinsfile pipelines vs Production server (security problem)


      I need help with one very important question.

      I have a multi-branch pipeline Jenkins job + Jenkinsfile inside a Git repository. Developers can change the Jenkinsfile.

      For example:

      A developer has changed the Jenkinsfile. He wrote:

          stage('Deploy on Production') {
            steps {
              node ('PRODUCTION') {
                sh 'rm -rf /'
              }
            }
          }

      How can I prevent such dangerous situations? Every developer can rewrite the Jenkinsfile, add different nodes and run whatever they want on these servers!

            paul8620 Paul Horvath
            14163314 Serg Pr
            Votes: 1
            Watchers: 3
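
One review-time check for the situation described in the issue, as an added example that is not part of the original report or of Jenkins itself: it scans a Jenkinsfile for `node(...)` calls and declarative `label` requests and reports any agent label outside an allow-list, or any label that is not a plain string literal. The allow-list, the sample pipeline and the function name `check_jenkinsfile` are assumptions made for illustration.

```python
import re

# Constructed allow-list: labels a branch-controlled Jenkinsfile may request.
ALLOWED_LABELS = {"linux", "docker", "build"}

# node('X') / node("X") / node(expr), as in the snippet from the issue.
NODE_CALL = re.compile(r"\bnode\s*\(\s*([^)]*?)\s*\)")
# label 'X' inside a declarative agent { ... } block.
AGENT_LABEL = re.compile(r"\blabel\s+(\S.*?)\s*(?:\}|$)")
QUOTED = re.compile(r"""^(['"])(.*)\1$""")
# Operators of a Jenkins label expression; what remains are label names.
OPERATORS = re.compile(r"\s+|&&|\|\||<->|->|[!()]")

# Constructed sample: the stage from the issue inside a declarative pipeline.
SAMPLE = """\
pipeline {
  agent { label 'linux && docker' }
  stages {
    stage('Deploy on Production') {
      steps {
        node ('PRODUCTION') {
          sh 'rm -rf /'
        }
      }
    }
  }
}
"""


def check_jenkinsfile(text, allowed=ALLOWED_LABELS):
    """Return (line, requested label, reason) for every agent request to reject."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        requests = [m.group(1) for m in NODE_CALL.finditer(line)]
        requests += [m.group(1) for m in AGENT_LABEL.finditer(line)]
        for arg in filter(None, requests):
            quoted = QUOTED.match(arg)
            if not quoted:  # variable or expression: cannot be verified statically
                findings.append((lineno, arg, "label is not a string literal"))
            elif any(a and a not in allowed for a in OPERATORS.split(quoted.group(2))):
                findings.append((lineno, quoted.group(2), "label not in allow-list"))
    return findings


if __name__ == "__main__":
    for finding in check_jenkinsfile(SAMPLE):
        print("REJECT line %d: %r (%s)" % finding)
```

Labels can be assembled at run time or requested from code outside the Jenkinsfile, so a text scan like this is a pre-merge review aid only. Access to the production agents still has to be restricted on the Jenkins side.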
